Frameworks

Overview

Secberus provides unified visibility over common regulatory compliance frameworks and security best practices. Secberus achieves this through the execution of Secberus frameworks.

A framework is a collection of policies mapped to security and/or compliance rules. You can control which frameworks to enable in each Organization by navigating to Settings > Manage frameworks and updating the status toggle. Enabling a framework will activate all policies mapped to the framework, enabling them to run against the data collected from each applicable data source to check for possible violations.

In addition to the included framework templates, you can also create custom frameworks in order to meet your own specific requirements.

Manage frameworks

📘

Note

Policies make it easy to quickly assess risk and identify potential vulnerabilities. See Managing Policy Coverage for details on how to customize Secberus policies for your environments.

Framework templates

The following regulations and compliance frameworks are included as templates. They can be customized to meet your specific needs, or used as is.

Compliance RegulationAWSAzureGCPOkta
CIS BenchmarksYESYESYESNO
CMMCYESYESYESNO
FedRAMP Low/ModerateYESYESYESNO
FISCYESYESYESNO
HITRUST CSFYESYESYESNO
HIPAAYESYESYESYES
ISO 27002YESYESYESYES
PCI DSSYESYESYESNO
SOC2YESYESYESYES