CIS has published the CIS AWS Foundations Benchmark, a set of security configuration best practices for AWS. Turbot Guardrails provides compliance mappings to NIST 800-53, which documents a "catalog of security controls". These new CIS Security Benchmarks are a subset of NIST and other external frameworks that are often used as a practical baseline for organizations' compliance requirements.
To simplify mapping to CIS AWS Foundations Benchmarks, Turbot Guardrails provides customers a Level 1 and Level 2 mapping to out-of-the-box (OOTB) features in Turbot Guardrails that implement these control objectives and ensure that all of your AWS resources continuously adhere to them.
VPC Flow Logs Example
Item 4.3 of CIS AWS Benchmarks states: "Ensure VPC Flow Logging is enabled in all VPCs". Turbot Guardrails simplifies adherence to this control by providing cloud administrators a point-and-click setting to enforce use of Flow Logs in all VPCs. Admins can enable this guardrail across all VPCs or specific VPCs depending on their use case. Once enabled, Turbot Guardrails automatically manages the configurations of the VPC Flow Logs, CloudWatch Log Streams, etc.
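A stand-alone check for item 4.3, added here as an example and not Turbot Guardrails code: it evaluates data shaped like the EC2 DescribeVpcs and DescribeFlowLogs responses and reports each VPC that has no usable VPC-level flow log. The function name and all IDs are constructed, and treating a failed log delivery as non-compliant is an assumption stricter than the benchmark wording quoted above.

```python
# Added example: offline evaluation of CIS item 4.3 (VPC Flow Logging enabled).
# Field names follow the EC2 DescribeVpcs / DescribeFlowLogs response shapes.
# The function name and every ID below are constructed for illustration.

def vpcs_missing_flow_logs(vpcs_resp, flow_logs_resp):
    """Return {vpc_id: reason} for each VPC lacking a usable VPC-level flow log."""
    status = {}  # vpc_id -> None if a healthy flow log exists, else a reason
    for fl in flow_logs_resp.get("FlowLogs", []):
        rid = fl.get("ResourceId", "")
        if not rid.startswith("vpc-"):
            continue  # subnet/ENI flow logs do not cover the whole VPC
        if fl.get("FlowLogStatus") != "ACTIVE":
            status.setdefault(rid, "flow log not ACTIVE")
        elif fl.get("DeliverLogsStatus") == "FAILED":
            # Assumption: a flow log that cannot deliver is treated as missing.
            status.setdefault(rid, "log delivery FAILED")
        else:
            status[rid] = None  # one healthy flow log satisfies the control
    findings = {}
    for vpc in vpcs_resp.get("Vpcs", []):
        vid = vpc["VpcId"]
        if vid not in status:
            findings[vid] = "no VPC-level flow log"
        elif status[vid] is not None:
            findings[vid] = status[vid]
    return findings

# Constructed sample input (not captured from a real account).
SAMPLE_VPCS = {"Vpcs": [{"VpcId": "vpc-0aaa"}, {"VpcId": "vpc-0bbb"},
                        {"VpcId": "vpc-0ccc"}, {"VpcId": "vpc-0ddd"}]}
SAMPLE_FLOW_LOGS = {"FlowLogs": [
    {"FlowLogId": "fl-01", "ResourceId": "vpc-0aaa",
     "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "SUCCESS"},
    # Flow log on a subnet only: its parent VPC is still non-compliant.
    {"FlowLogId": "fl-02", "ResourceId": "subnet-0123",
     "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "SUCCESS"},
    {"FlowLogId": "fl-03", "ResourceId": "vpc-0ccc",
     "FlowLogStatus": "ACTIVE", "DeliverLogsStatus": "FAILED"},
]}

if __name__ == "__main__":
    for vpc_id, reason in vpcs_missing_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS).items():
        print(f"{vpc_id}: {reason}")
```

Against a live account, the same function can be fed the JSON returned by the DescribeVpcs and DescribeFlowLogs calls for each region.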
Turbot Guardrails would love to be a member of your cloud team. Please contact us with questions about CIS AWS Benchmarks, controls mappings, continuous security and compliance, and any other security assurance questions you may have.