recentpopularlog in

whip_lash : compliance   3

cloud-custodian/cloud-custodian: Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources
Custodian can be used to manage AWS, Azure, and GCP environments by ensuring real time compliance to security policies (like encryption and access requirements), tag policies, and cost management via garbage collection of unused resources and off-hours resource management.

Custodian policies are written in simple YAML configuration files that enable users to specify policies on a resource type (EC2, ASG, Redshift, CosmosDB, PubSub Topic) and are constructed from a vocabulary of filters and actions.

It integrates with the cloud native serverless capabilities of each provider to provide for real time enforcement of policies with builtin provisioning. Or it can be run as a simple cron job on a server to execute against large existing fleets.
aws  gcp  cloud  compliance  security 
july 2019 by whip_lash
Nick MacKechnie : Now Available for download: Security Compliance Manager
The Solution Accelerators Team is pleased to announce the release of the Security Compliance Manager. This new tool is designed to help organizations plan, deploy, operate, and manage their security baselines for Windows® client and server operating systems, and Microsoft applications.
security  tools  compliance  microsoft 
april 2010 by whip_lash
meeting_compliance_efforts_with_the_mother_of_all_control_lists_moacl_33299 (application/pdf Object)
Organizations meeting multiple compliance efforts such as ISO 27000, Sarbanes Oxley Act,
HIPAA or Gramm-Leach Bliley may find they are performing these activities year round.
Technology practitioners should find mechanisms to better manage efforts and consolidate
where possible. This paper will provide background on many of the compliance efforts
organizations could grapple with and how the creation of a “Mother of All Control Lists”
(MOACL) could ease redundant efforts.
security  compliance  hipaa  sarbanes-oxley  glba 
march 2010 by whip_lash

Copy this bookmark:

to read