CoreStack empowers Compliance and Security teams with a solution – Enterprise Cloud Compliance (ECC) – which applies a unique framework – Abstracted Cloud Compliance Controls (AC3), which offers these key benefits.
- Abstract controls across standards such as NIST 800-53, FedRAMP, PCI DSS, and ISO27017
- Leverage additional meta-data for control implementation and monitoring
- Identify equivalent controls across standards
- Map different cloud services to the controls
- Baseline controls for various levels of compliance – Standard, Advanced, Premium
Abstracted Cloud Compliance Controls (AC3) Framework Supports Multiple Industry Standards and Regulations
CoreStack Enterprise Cloud Compliance (ECC) offers a rich repository of 800+ policies mapped to various controls. Assess once and obtain compliance posture against multiple industry standards, regulations, and best practices relevant to your organization from the list below.
- AWS WAF – Amazon Web Services Well Achitected Framework
- CIS AWS – Center for Information Security Amazon Web Services Foundations
- CIS Azure – Center for Information Security Microsoft Azure Foundations Security Benchmark
- FedRAMP-High – Federal Risk and Authorization Management Program, HIGH
- FedRAMP-Moderate – Federal Risk and Authorization Management Program, MODERATE
- HIPAA – Health Insurance Portability and Accountability Act (HIPAA)
- ISO 27001 – Information Technology | Security Techniques | Information Security Management Systems
- ISO 27017 – International Standard Organization Security Controls for Cloud Services
- NIST – National Institute of Standards and Technology
- NIST-CSF – National Institute of Standards and Technology Cybersecurity Framework
- NIST-HIGH – National Institute of Standards and Technology, HIGH
- NIST-MODERATE – National Institute of Standards and Technology, MODERATE
- PCI DSS – Payment Card Industry Data Security Standard
Automatically enforce policies to fix the violations and achieve 100% cloud service-level compliance.