Compliance Packs

Security and compliance are two key InsightCloudSec capabilities. Compliance Packs are out-of-the-box collections of related Insights focused on industry requirements and standards for all of your resources. Compliance packs may focus on security, costs, governance, or combinations of these across a variety of frameworks, e.g., HIPAA, PCI DSS, GDPR, etc.

The Compliance Packs tab on the Insights main page displays more than fifteen preconfigured Insight packs focused on various regulatory frameworks, including the CIS Benchmark, NIST 800-53, and ISO 27001.

Compliance Packs display in a list format. Each line provides a brief description of the pack's contents, including a designation for legacy packs, which typically indicates we have created an updated pack, and notes the number of Insights included in the pack.

Go to Security > Insights and click the Compliance Packs tab to get started.

List of available compliance packs
Compliance PackDescription
ACSC Cloud Security Controls Matrix (ISM Sep22)Contains Insights that assist with compliance for the Australian Cyber Security Centre (ACSC) Cloud Controls Matrix (CCM) implemented for the September 2022 version of the Information Security Manual (ISM)
ACSC Essential 8Contains Insights that assist with compliance for the ACSC Essential Eight Maturity Model. See the ACSC's website for more information.
AWS Foundational Security Best PracticesContains Insights that assist with compliance for the Amazon Web Services (AWS) Foundational Security Best Practices standard. See the AWS Documentation for more information.
AWS Privilege Escalation AttacksContains Insights that assist with preventing common privilege escalation attacks in AWS.
Azure SecurityContains Insights that assist with adhering to Microsoft Defender for Cloud Recommendations.
Canadian Centre for Cyber SecurityThe Canadian Centre for Cyber Security (CCCS) is Canada's cybersecurity authority, guiding and supporting the government, industry, and public. The Medium Cloud Control Profile, introduced in May 2020, replaces previous standards, ensuring medium-level security for organizations using public cloud services. This defense mechanism prevents unauthorized access or loss of critical information, addressing risks like financial impact and privacy violations. The CCCS compliance pack includes many insights, covering 79 controls and 104 resource types, enhancing security across all of the supported cloud providers.
CIS - Alibaba Cloud 1.0.0Contains Insights that assist with compliance for the Center for Internet Security (CIS) Alibaba 1.0 benchmark. See the CIS' website for more information.
CIS - AWS 1.3.0Contains Insights that assist with compliance for the CIS AWS 1.3.0 benchmark. See the CIS' website for more information.
CIS - AWS 1.4.0Contains Insights that assist with compliance for the CIS AWS 1.4.0 benchmark. See the CIS' website for more information.
CIS - AWS 1.5.0Contains Insights that assist with compliance for the CIS AWS 1.5.0 benchmark. See the CIS' website for more information.
CIS - AWS 2.0.0Contains Insights that assist with compliance for the CIS AWS 2.0.0 benchmark. See the CIS' website for more information.
CIS - AWS 3.0.0Contains Insights that assist with compliance for the CIS AWS 3.0.0 benchmark. See the CIS' website for more information.
CIS - AWS 4.0.0Contains Insights that assist with compliance for the CIS AWS 4.0.0 benchmark. See the CIS' website for more information.
CIS - Azure 1.1.0Contains Insights that assist with compliance for the CIS Azure 1.1.0 benchmark. See the CIS' website for more information.
CIS - Azure 1.4.0Contains Insights that assist with compliance for the CIS Azure 1.4.0 benchmark. See the CIS' website for more information.
CIS - Azure 1.5.0Contains Insights that assist with compliance for the CIS Azure 1.5.0 benchmark. See the CIS' website for more information.
CIS - Azure 2.0Contains Insights that assist with compliance for the CIS Azure 2.0 benchmark. See the CIS' website for more information.
CIS - Azure 2.1Contains Insights that assist with compliance for the CIS Azure 2.1 benchmark. See the CIS' website for more information.
CIS - GCP 1.3.0Contains Insights that assist with compliance for the CIS GCP 1.3.0 benchmark. See the CIS' website for more information.
CIS - GCP 2.0.0Contains Insights that assist with compliance for the CIS GCP 2.0.0 benchmark. See the CIS' website for more information.
CIS - Kubernetes 1.10.0Contains Insights that assist with compliance for the CIS Kubernetes 1.10.0 benchmark. See the CIS' website for more information.
CIS - OCI 1.1.0Contains Insights that assist with compliance for the CIS Oracle Cloud Infrastructure (OCI) 1.1.0 benchmark. See the CIS' website for more information.
CIS - OCI 1.2.0Contains Insights that assist with compliance for the CIS OCI 1.2.0 benchmark. See the CIS' website for more information.
CIS - Controls v8Contains Insights that assist with compliance for the CIS Critical Security Controls framework version 8. See the CIS' website for more information.
CMMC Level 1Contains Insights that assist with compliance for the Cybersecurity Maturity Model Certification level 1. See the CyberAssist website for more information.
Cost Containment PackContains Insights that assist with identifying common resources and configurations that could increase costs for your organization.
CSA CCM V4Contains Insights that assist with compliance for the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) framework. See the CSA's website for more information.
CVEs for ISTIOContains Insights that assist with compliance for the Common Vulnerabilities and Exposures system for Istio.
FedRAMP CCM 3.0.1Contains Insights that assist with compliance for FedRAMP CCM framework.
FedRAMP Low ControlsContains Insights that assist with compliance for the FedRAMP low impact level. See the FedRAMP website for more information.
FedRAMP Moderate ControlsContains Insights that assist with compliance for the FedRAMP moderate impact level. See the FedRAMP website for more information.
FFIECContains Insights that assist with adhering to the Federal Financial Institutions Examination Council (FFIEC) cybersecurity requirements. See the FFIEC website for more information.
GDPRContains Insights that assist with adhering to the European Union (EU) General Data Protection Regulation (GDPR) requirements. See the GDPR website for more information.
HIPAAContains Insights that assist with adhering to the Health Insurance Portability and Accountability Act (HIPAA) requirements. See the HIPAA website for more information.
HITRUST v9.4Contains Insights that assist with compliance for the Health Information Trust (HITRUST) Alliance Common Security Framework (CSF) version 9.4. See the HITRUST website for more information.
IAM Security (with Access Explorer)Contains Insights that assist with mitigating AWS IAM security risk (requires Access Explorer).
IAM Security (without Access Explorer)Contains Insights that assist with mitigating AWS IAM security risk (does not require Access Explorer).
ISO 27001:2013Contains Insights that assist with compliance for the International Organization for Standardization (ISO) 27001:2013 framework. See the ISO 27001:2013 website for more information.
ISO 27001:2022Contains Insights that assist with compliance for the ISO 27001:2022 framework. See the ISO 27001:2022 website for more information.
ISO 27017:2015Contains Insights that assist with compliance for the ISO 27017:2015 framework. See the ISO 27017:2015 website for more information.
Kubernetes Security RecommendedContains Insights that assist with adhering to Kubernetes Security best practices and recommendations.
Microsoft Cloud Security BenchmarkContains Insights that assist with compliance for the Microsoft cloud security benchmark. See the Microsoft documentation for more information.
MITRE Att&ck Mitigation PackContains Insights that assist with adhering to MITRE's ATT&CK knowledge base of tactics and techniques. See the ATT&CK website for more information.
NIST 800-171Contains Insights that assist with compliance for the National Institute of Standards and Technology (NIST) 800-171 framework. See the NIST website for more information.
NIST 800-53 (Rev 4)Contains Insights that assist with compliance for the NIST 800-171 framework revision 4. See the NIST website for more information.
NIST 800-53 (Rev 5)Contains Insights that assist with compliance for the NIST 800-171 framework revision 5. See the NIST website for more information.
NIST Cyber Security FrameworkContains Insights that assist with compliance for the NIST Cybersecurity Framework (CSF). See the NIST website for more information.
NSA and CISA Kubernetes Hardening Guide 1.1Contains Insights that assist with compliance for National Security Agency (NSA) and Cybersecurity & Infrastructure Security Agency (CISA) Kubernetes Hardening guide version 1.1. See the CISA website for more information.
NYDFS NYCRR 500Contains Insights that assist with compliance for New York State Department of Financial Services (NYDFS) New York Codes, Rules, and Regulations (NYCRR) part 500 (a.k.a the Cybersecurity Regulation). See the NYDFS website for more information.
PCI DSS PackContains Insights that assist with compliance for the Payment Card Industry (PCI) Data Security Standard (DSS). See the PCI website for more information.
PCI DSS v4.0Contains Insights that assist with compliance for version 4 of the Payment Card Industry (PCI) Data Security Standard (DSS). See the PCI website for more information.
Rapid7 AI/ML Security Best PracticesContains Insights that assist with compliance for the Open Worldwide Application Security Project's (OWASP) Top 10 Vulnerabilities for Machine Learning, the OWASP Top 10 for LLMs, and Insights checking if best practice configurations have been implemented. This pack utilizes 11 controls:
  • Data Poisoning: Manipulating training data to influence how a model makes decisions. Controls here include secure storage, enforcing least privilege, access control, and monitoring.
  • Model Poisoning: Manipulating a model itself to influence how it behaves. Controls here include encryption techniques, access control, and monitoring.
  • Transfer Learning: Training a model on a specific task, but fine-tuning it on a different one to influence decision making. Controls here include secure storage, access control, and monitoring.
  • Model Inversion: Reverse-engineering a model to understand how it works and how it may be influenced. Controls here include encryption, secure storage, access control, and monitoring.
  • Model Stealing: Gaining access to a model and its parameters. Controls here include encryption, secure storage, access control, and monitoring.
  • Model Skewing: Manipulating the distribution of training data to influence a model’s decision making. Controls here include secure storage, access control, and monitoring.
  • Excessive Permissions: Overly permissive roles and policies can lead to manipulation of systems, services, and data models. Controls here include strong authentication, access controls, and enforcing least privilege.
  • Denial of Service: Repeated resource-heavy operations may lead to service degradation and increased cost. Controls here include strong authentication and access controls.
  • Supply Chain Compromise: Modifying or replacing a third-party library used by the system, or its data. Controls here include monitoring source control integrations and library lifecycle management.
  • Membership Inference: Manipulating training data to cause it to reveal sensitive information such as Personal Identifiable Information (PII) and Protected Health Information (PHI). Controls here include monitoring behavior for anomalies.
  • Output Integrity: Modifying the output from a machine learning model to negatively impact downstream business processes or systems. Controls here include monitoring behavior for anomalies and auditing interactions between the model and its partner systems.
SOC 2Contains Insights that assist with compliance for the Service Organization Control (SOC) Type 2 cybersecurity framework.

Compliance Pack Actions

From the Compliance Packs landing page, each available Compliance Pack is displayed as a line item in a list. Selecting the actions/context menu to the left of the name of the Compliance Pack provides access to the following actions:

Show Report Breakdown

Show report breakdown

The "Show Report Breakdown" option takes you to a summary page of dynamic charts that allow you to view the following:

  • A time series (up to 90 days) plot of total noncompliant resources categorized by what type of Insight registered the resource as noncompliant; ideally, you will see this trending down as you take actions to resolve compliance issues
  • Noncompliant resources, as a percentage of total resources, associated with this Insight pack
  • Noncompliant resources, as a percentage of total resources, within individual clouds associated with this pack
Manage Subscriptions

Manage subscriptions

Email subscriptions associated with Insight packs are available for administration through a Compliance Pack's actions menu ("...").

From the actions menu, click "Manage Subscriptions" (envelope icon) to open a page that provides a list of all subscriptions associated with the Insight Pack. You can add a new subscription or modify, send, or delete an existing subscription from this page.

For more information about setting up SMTP, configuring email notifications, and creating pack-level notifications, check out our documentation on SMTP (Email Notifications).

Toggle Visibility

Toggle visibility

This option allows you to disable and hide an entire Insight pack from your organization. You must confirm this selection. To unhide and re-enable the pack, uncheck the Hide Disabled Packs checkbox on the main page and toggle the pack's visibility to the "on" position.

Viewing Compliance Pack Details

You can view the details of any pack by clicking on the name. This will take you to the "Insights Library" filtered to display the individual Insights included in the pack.

Insight Summary Page

Clicking on the name of an individual Compliance Pack opens a summary page listing each individual Insight included with the pack.

Results can be filtered, there are pagination controls, and each Insight row includes (for users with the appropriate permissions) several controls/fields as follows:

  • An Actions Menu (three dots - Create Bot)
  • The name of the individual Insight(s)
  • A summary of the Impacted (noncompliant) Resources
  • Details on Exempted Resources (when applicable)
  • The associated Compliance Rules
  • Any metadata
  • Any associated Bots (a total count)
  • Severity details
  • Favorite(s)
  • The InsightCloudSec version this compliance pack was released
  • Author details

This is simply a "filtered" Insight list; when clicking on the text, it will display "This is a filtered result set. Click here to reset the filters." It will reset this list to display all available Insights.

Compliance Pack Editing

Compliance Packs (because they are included with InsightCloudSec) cannot be deleted. While you can edit the severity, the only way to edit a Compliance Pack is to make a copy to customize.

General Pack Controls

With the appropriate administrative permissions, you can also access actions for each individual Compliance Pack. Those details are covered on the Insights page here.

Bots and compliance reporting (Impacted Resources)

Bots and Compliance Reporting (Impacted Resources)

Once you understand specific compliance failures, you can use Bots to notify about or remediate the issue. To learn more about this capability, check out our documentation on BotFactory.

Excluding resources (Exemptions)

Excluding Resources (Exemptions)

In earlier versions, InsightCloudSec offered the ability to exempt resources from Insight findings using the Resource Group functionality. Check out our documentation on our dedicated Exemptions functionality for details on excluding resources.

Viewing existing bots

Checking for Existing Bots

You can determine whether any existing Bots match the failed Insight by clicking on the Bots listed on the Insight page associated with your Compliance Pack.

Creating a bot

Creating a Bot

You may wish to create a Bot to notify of or remediate for the failed insight. In the example below, clicking the actions menu and selecting "Create Bot" next to a specific insight allows you to create a Bot directly from that Insight. Check out details on the main BotFactory & Automation page or hop directly to Creating Bots or Working with Bots (Best Practices & Examples) to review some examples.

Compliance Reporting

Compliance Scorecard

Compliance Scorecard

For the best results in viewing, sorting, interpreting, and understanding data associated with both the InsightCloudSec Compliance Packs and any Custom Packs you may create, we recommend taking advantage of our Compliance Scorecard.

Download results

Downloading Results

You can download a .CSV file that includes the results for the Compliance Pack.
From the Compliance Packs page, click on the name of an individual Compliance Pack.

This will take you to a filtered Insights page where you can then select the download arrow.

What's Next?

  • To learn more about using an existing Compliance Pack as the starting point for a customized pack, check out our documentation on Custom Packs.
  • For information on compliance reporting, check out our Compliance Scorecard.
  • To explore automation using Compliance Packs, take a look at our BotFactory documentation.