Many of our enterprise customers are using Turbot guardrails to ensure continuous security and compliance of their cloud infrastructure with applicable internal controls and external industry standards such as those from the Center for Internet Security (CIS).
CIS has published the CIS AWS Foundations Benchmark, a set of security configuration best practices for AWS. Turbot provides compliance mappings to NIST 800-53, which documents a “catalog of security controls”. These new CIS Security Benchmarks are a subset of NIST and other external frameworks that are often used as a practical baseline for organizations’ compliance requirements.
To simplify mapping to CIS AWS Foundations Benchmarks, Turbot provides customers a Level 1 and Level 2 mapping to out-of-the-box (OOTB) features in Turbot that implement these control objectives and ensure that all of your AWS resources continuously adhere to them.
VPC Flow Logs Example
Item 4.3 of CIS AWS Benchmarks states: “Ensure VPC Flow Logging is enabled in all VPCs”. Turbot’s guardrails simplify adherence to this control by providing cloud administrators a point-and-click setting to enforce use of Flow Logs in all VPCs. Admins can enable this guardrail across all VPCs or specific VPCs depending on their use case. Once enabled, Turbot automatically manages the configurations of the VPC Flow Logs, CloudWatch Log Streams, etc.
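An added example, not Turbot's code: a stand-alone audit for the control above, run over the JSON that `aws ec2 describe-vpcs` and `aws ec2 describe-flow-logs` return for one region. The sample data is constructed, and two choices are assumptions of this example rather than benchmark wording: only flow logs attached to the VPC itself count (not subnet or interface logs), and an active log whose delivery is failing is reported as a finding.

```python
import json

# Constructed sample input, shaped like AWS CLI output for a single region.
SAMPLE_VPCS = json.loads("""
{"Vpcs": [{"VpcId": "vpc-0aaa"}, {"VpcId": "vpc-0bbb"},
          {"VpcId": "vpc-0ccc"}, {"VpcId": "vpc-0ddd"}]}
""")
SAMPLE_FLOW_LOGS = json.loads("""
{"FlowLogs": [
  {"FlowLogId": "fl-01", "ResourceId": "vpc-0aaa", "FlowLogStatus": "ACTIVE",
   "DeliverLogsStatus": "SUCCESS", "TrafficType": "ALL"},
  {"FlowLogId": "fl-02", "ResourceId": "subnet-0123", "FlowLogStatus": "ACTIVE",
   "DeliverLogsStatus": "SUCCESS", "TrafficType": "REJECT"},
  {"FlowLogId": "fl-03", "ResourceId": "vpc-0ccc", "FlowLogStatus": "ACTIVE",
   "DeliverLogsStatus": "FAILED", "TrafficType": "ALL"}
]}
""")


def audit_flow_logs(vpcs_doc, flow_logs_doc):
    """Return {vpc_id: reason} for every VPC that fails the check."""
    # Index flow logs by the resource they are attached to. Logs attached to
    # a subnet or network interface land under that ID and never match a VPC.
    by_resource = {}
    for fl in flow_logs_doc.get("FlowLogs", []):
        by_resource.setdefault(fl.get("ResourceId"), []).append(fl)

    findings = {}
    for vpc in vpcs_doc.get("Vpcs", []):
        vpc_id = vpc["VpcId"]
        active = [fl for fl in by_resource.get(vpc_id, [])
                  if fl.get("FlowLogStatus") == "ACTIVE"]
        if not active:
            findings[vpc_id] = "no active VPC-level flow log"
        elif all(fl.get("DeliverLogsStatus") == "FAILED" for fl in active):
            # Assumption of this example: a log that cannot deliver records
            # gives no evidence, so it is reported as well.
            findings[vpc_id] = "flow log active but delivery is failing"
    return findings


if __name__ == "__main__":
    for vpc_id, reason in sorted(audit_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS).items()):
        print(f"{vpc_id}: {reason}")
```

Against a live account, feed it the two CLI outputs per region, since both calls are regional and a VPC in an unchecked region will not appear at all.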
Turbot would love to be a member of your cloud team. Please contact us with questions about CIS AWS Benchmarks, control mappings, continuous security and compliance, and any other security assurance questions you may have.