Compliance Policies

TotalCloud continuously discovers resources and ensures resources are compliant in relation to respective Benchmark & Best Practices policy provided out-of box.

A policy is a collection of controls used to measure and report compliance for a set of resources. Your compliance reports will show you resource compliance status (pass or fail) with the policy controls. You could use the policies we provide of build your own policy. Learn more

Controls are the building blocks of the policies used to measure and report compliance for a set of hosts. We provide many controls for you to choose from and you can customize them too. Learn more

The Policies tab lists the policies we currently support.

Cloud Provider

Policy Name

Service Coverage

AWS

 

CIS Amazon Web Services Foundations Benchmark - v3.0.0 

  • Identity and Access Management

  • Storage

    • Simple Storage Service (S3)

    • Elastic Compute Cloud (EC2)

    • Relational Database Service (RDS)

    • Elastic File System (EFS)

  • Logging

  • Monitoring

  • Networking

AWS Best Practices Policy

  • Identity and Access Management:

    • Identity and Access Management (IAM)

  • Storage:

    • Simple Storage Service (S3)

    • Elastic File System (EFS)

    • S3 Glacier

    • AWS Backup

    • Data Sync

  • Security and Encryption:

    • Key Management Service (KMS)

    • Secrets Manager

    • AWS Certificate Manager (ACM)

    • AWS Backup

  • Compute:

    • Elastic Compute Cloud (EC2)

    • ElasticCache

    • Workspace

    • EMR

    • API Gateway

    • SageMaker

    • Elastic Container Service (ECS)

    • Code Build

    • App Mesh

  • Networking:

    • Virtual Private Cloud (VPC)

    • Route53

    • Kinesis

    • Amazon MSK

    • Amazon MQ

    • CloudFront

    • Amazon Workspaces

    • AWS Direct Connect

  • Messaging and Notification:

    • Simple Notification Service (SNS)

    • Simple Queue Service (SQS)

  • Monitoring and Management:

    • AWS Config

    • CloudWatch

    • CloudTrail

    • AWS CloudFormation

    • AWS Backup

  • Analytics and Database:

    • Athena

    • Amazon Glue

    • Database Migration Service (DMS)

  • File and Content Delivery:

    • CloudFront

    • Transfer Family

  • Directory and Authentication:

    • Microsoft AD Directory

AWS Lambda Best Practices Policy

Lambda Function

AWS Database Service Best Practices

  • RDS

  • Redshift

  • DocumentDB

  • NeptuneDB

  • Quantum Ledger DB

  • DynamoDB

Azure

 

CIS Microsoft Azure Foundations Benchmark - v2.1.0 

  • Identity and Access Management

  • Microsoft Defender

  • Storage Accounts

  • Database Services

    • SQL Server  - Auditing

    • SQL Server – Microsoft Defender for SQL

    • PostgreSQL Database Server

    • MySQL Database

    • Cosmos DB

  • Logging and Monitoring

  • Networking

  • Virtual Machines

  • Key Vault

  • AppService

Azure Database Service Best Practices Policy

  • Azure SQL

  • PostgreSQL Server

  • MySQL Server

  • MariaDB Server

  • Cosmos DB

Azure Best Practices Policy
  • Security and Compliance:
    • Security Center
    • Key Vault
    • ISE (Azure Information Security and Compliance)
    • WAF (Web Application Firewall)
    • Azure CDN (Content Delivery Network)
    • Azure Front Door
    • Log Analytics Workspace
    • Cost Management
    • Health Data Services
  • Compute:
    • Virtual Machine
    • Kubernetes Service
    • Container Registry
    • Container Instances
    • VM Scale Sets
    • HD Insight
    • Azure Spring Cloud
    • Azure Batch
  • Storage:
    • Disk
    • Snapshot
    • Storage Account
    • Storage Sync Services
    • Data Lake Storage
    • Data Lake Analytics
  • Networking:
    • Virtual Networks
    • Application Gateways
    • Network Interface
    • Virtual WAN
    • Azure CDN (Content Delivery Network)
    • Azure Front Door
  • Monitoring and Management:
    • Monitor
    • Log Analytics Workspace
    • Application Insights
  • Data and Analytics:
    • Azure Synapse Analytics
    • Azure Data Explorer
    • Data Factory
  • Event and Messaging:
    • Disk Accesses
    • Event Hubs
    • Service Bus
    • Event Grid
  • Identity and Access Management (IAM) and Administration:
    • IAM & Admin (Azure RBAC)
    • Azure Automation
    • DPS (Data Protection Services)
  • AI and Cognitive Services:
    • Cognitive Services
  • IoT and Edge Services:
    • Azure IOT Hub
  • Integration and API Management
    • Logic Apps
    • API Management

Azure Function App Best Practices Policy

  • App Service

    • Function App

    • Web App

GCP

 

CIS Google Cloud Platform Foundation Benchmark  - v2.0.0

  • Identity and Access Management

  • Logging and Monitoring

  • Networking

  • Virtual Machines

  • Storage

  • Cloud SQL Database Services

    • MYSQL Database

    • PostgreSQL Database

    • SQL Server

  • BigQuery

GCP Cloud Functions Best Practices Policy

Cloud Functions

GCP Best Practices Policy

  • Storage

    • Cloud Storage

  • Networking

    • VPC Network

  • Messaging

    • PubSub

  • Identity and Access Management

    • IAM & Admin

  • Compute

    • Compute Engine

GCP Cloud SQL Best Practices Policy

  • PostgreSQL

  • MySQL

GCP Kubernetes Engine Best Practices Policy

  • Kubernetes Engine

    • Kubernetes Cluster

    • Kubernetes Cluster Node

OCI

 

CIS Oracle Cloud Infrastructure Foundation Benchmark - v1.2.0

  • Identity and Access Management

  • Networking

  • Logging and Monitoring

  • Storage

    • Object Storage

    • Block Volumes

    • File Storage Service

OCI Best Practices Policy

  • Compute

  • Storage

  • IAM

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.