Frameworks
Overview
Secberus provides unified visibility over common regulatory compliance frameworks and security best practices. Secberus achieves this through the execution of Secberus frameworks.
A framework is a collection of policies mapped to security and/or compliance rules. You can control which frameworks to enable in each Organization by navigating to Settings > Manage frameworks and updating the status toggle. Enabling a framework will activate all policies mapped to the framework, enabling them to run against the data collected from each applicable data source to check for possible violations.
In addition to the included framework templates, you can also create custom frameworks in order to meet your own specific requirements.
Note
Policies make it easy to quickly assess risk and identify potential vulnerabilities. See Managing Policy Coverage for details on how to customize Secberus policies for your environments.
Framework templates
The following regulations and compliance frameworks are included as templates. They can be customized to meet your specific needs, or used as is.
| Compliance Regulation | AWS | Azure | GCP | Okta |
|---|---|---|---|---|
| CIS Benchmarks | YES | YES | YES | NO |
| CMMC | YES | YES | YES | NO |
| FedRAMP Low/Moderate | YES | YES | YES | NO |
| FISC | YES | YES | YES | NO |
| HITRUST CSF | YES | YES | YES | NO |
| HIPAA | YES | YES | YES | YES |
| ISO 27002 | YES | YES | YES | YES |
| PCI DSS | YES | YES | YES | NO |
| SOC2 | YES | YES | YES | YES |
Updated 3 months ago