Automate Your BSI IT Grundschutz Compliance with Runecast

About BSI IT Grundschutz Compliance

The German IT Baseline Protection (IT-Grundschutz) standard was established by the German Federal Office for Information Security (BSI) as a sound and sustainable information security management system (ISMS). IT-Grundschutz covers technical, organizational, infrastructural, and personnel aspects in equal measure. With its broad foundation, IT-Grundschutz offers a systematic approach to information security that is compatible with ISO/IEC 27001. Along with the BSI Standards, IT-Grundschutz provides essential publications to all kinds of institutions that want to set up an ISMS.

To make the successful implementation of IT-Grundschutz transparent to the outside world, companies or public authorities can be certified according to ISO 27001 based on IT-Grundschutz. This certificate confirms that the IT security concept meets the requirements of ISO 27001.

This is a consumer-protection regulation that provides recommendations on methods, processes, procedures, approaches, and measures relating to information security. BSI addresses issues fundamental to information security in public authorities and companies for which appropriate, practical, national, or international approaches have been established.

While BSI is a German federal standard, it is likely to apply to any organization with a client base within Germany (regardless of where they are themselves based), especially those in the public and legal sectors.

Runecast is a patented enterprise IT platform that gives IT ops and security teams one platform for configuration monitoring, vulnerability management, security compliance, remediation, upgrade planning and reporting.

  • Disruptive, patented solution that automates proactive analysis of logs, configuration drift, and security posture within your environment.
  • Simple, lightweight platform that is super-easy to deploy and operates securely on-premises (no data needs to leave your control) to provide you with remediation steps before any issues can lead to a PSOD or downtime.
  • Operational transparency and best practices alignment
  • Real-time configuration management, vulnerability scanning and security compliance audits
  • Freed up team resources (to work proactively on growth drivers)

How Runecast helps you to be audit-ready

Runecast automates the process of checking your workloads against BSI IT-Grundschutz. Each finding is mapped to the relevant BSI Building Block, including the exact text from the standard (in the German language), as well as a technical description in the English language. As with all of the checks in Runecast, these are also mapped to show you all impacted objects.

Runecast compliance audits cover the BSI C5 security standard for AWS. This standard, known as the Cloud Computing Compliance Controls Catalogue (C5), is published by Germany's Federal Office for Information Security (BSI) and is instrumental in helping organizations demonstrate their operational security in the context of cloud services.

BSI C5 outlines the fundamental requirements for secure cloud computing and offers a high level of assurance in cloud service security, going beyond international standards like ISO 27001 by including controls tailored specifically for cloud environments.

With Runecast Analyzer, you get year-round, 24/7 visibility into your audit compliance posture. It gives you immediate visibility into risks and non-compliances inherent in your environment, so you can identify gaps between where you are and a fully compliant state, and it shows you as soon as any objects move out of compliance.

The solution runs entirely on-premises, with no data leaving your control. All analysis takes place on the Runecast Analyzer appliance. Move to a more proactive way of handling your compliance requirements!

14-day free trial
Get Started Today
Be up and running in less than 15 minutes and see how Runecast empowers you and your team. Get your first compliance report now.

“The best in its league”

Run it... you will be amazed by the findings. We always think that a lot of applications are secure by nature and by how they’ve been designed, but after deploying Runecast you really understand the gaps that you might have in your environment and it’s definitely an eye-opener.


Vice President - Infrastructure & Security at Oman Airports

Discover More Content

Reducing Attack Surface with Runecast Vulnerability Assessment (RSA)

Download our solution brief now to gain a deeper understanding of the Assess phase in vulnerability management, and learn how to effectively evaluate the cyber exposure of all your assets and identify vulnerabilities, misconfigurations, and other security health indicators.

Safeguarding Sensitive Data with Runecast Compliance Assessment

Download our solution brief to learn how Runecast's AI-powered platform can help minimize tool sprawl in your environment and transform uncoordinated, policy-less, manual, reactive efforts into proactive, automated, and continuously compliant practices.

Security Compliance Guide for AWS, Azure, K8s, VMware

What you will find in this guide

This Security Compliance Guide provides a comprehensive overview of common security standards (e.g. BSI IT-Grundschutz, CIS CSC, CISA, Cyber Essentials, DISA STIG, DORA, Essential 8, GDPR, HIPAA, ISO 27001, KVKK, NIST, PCI-DSS & VMware Security Configuration Guide), their associated pain points, and recommendations for achieving and maintaining compliance on AWS, Azure, Kubernetes and VMware.

Who will benefit most from it:

  • CISOs / Security teams
  • CIOs / Operations teams
  • SecOps / DevSecOps teams
  • IT Procurement teams