ISO/IEC 27001 is an international standard that defines how to manage information security. It is a part of the wider ISO 27000 family of standards, which define an Information Security Management System (ISMS). According to it is one of the most popular security standards in the world.
There are 114 controls in 14 groups and 35 control categories; the 2005 standard had 133 controls in 11 groups.
The process of checking for compliance within your AWS and VMware environments can be arduous and costly, and any kind of manual check is subject to human error, so it is important to automate as much as possible.
Runecast Analyzer automates the process of checking both VMware vSphere and native AWS public cloud resources for compliance against CIS standards – in total, 253 cross-referenced checks. Each finding maps to a specific ISO 27001 control or set of controls. As with all other standards covered within Runecast Analyzer, we show the details of all of the impacted objects, the wording from the standard alongside a technical translation, and details of how to manually audit the finding and remediate any non-compliances.
With Runecast Analyzer, you get year-round, 24/7 visibility into your audit compliance posture. It gives you immediate visibility into risks and non-compliances inherent in your environment, so you can identify gaps between where you are and a fully compliant state, and it shows as soon as any objects move out of compliance. Additionally, each finding details how to manually audit and remediate any non-compliances.
The solution runs entirely on-premises, with no data leaving your control. All analysis takes place on the Runecast Analyzer appliance. Move to a more proactive way of handling your compliance requirements!