Compliance

compliance

The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements.

Contents

Attributes

Caption Name Type Is Array Default Description
Compliance References Articles compliance_references KB Article A list of sources of information or tools that help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples.
Compliance Standards Articles compliance_standards KB Article A list of established guidelines or criteria that define specific requirements an organization must follow.
Security Control control String A Control is a prescriptive, prioritized, and simplified set of best practices that one can use to strengthen their cybersecurity posture. e.g. AWS SecurityHub Controls, CIS Controls.
Raw Data raw_data JSON The event data as received from the event source.
Record ID record_id String Unique identifier for the object
Compliance Requirements requirements String A list of requirements associated with a specific control in an industry or regulatory framework. e.g. NIST.800-53.r5 AU-10
Security Standards standards String Security standards are a set of criteria organizations can follow to protect sensitive and confidential information. e.g. NIST SP 800-53, CIS AWS Foundations Benchmark v1.4.0, ISO/IEC 27001
Status status String The resultant status of the compliance check normalized to the caption of the status_id value. In the case of 'Other', it is defined by the event source.
Status Code status_code String The resultant status code of the compliance check.
Status Details status_detail String The contextual description of the status and status_code values.
Status ID status_id Integer The normalized status identifier of the compliance check.
0
Unknown
1
Pass
2
Warning
3
Fail
99
Other
Unmapped Data unmapped Unmapped The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.

Context

Compliance

JSON

            
{
  "caption": "Compliance",
  "description": "The Compliance object contains information about Industry and Regulatory Framework standards, controls and requirements.",
  "extends": "object",
  "name": "compliance",
  "attributes": {
    "compliance_references": {
      "requirement": "optional",
      "caption": "Compliance References Articles",
      "description": "A list of sources of information or tools that help organizations understand, interpret, and implement compliance standards. They provide guidance, best practices, and examples.",
      "type": "kb_article",
      "is_array": true
    },
    "compliance_standards": {
      "requirement": "optional",
      "caption": "Compliance Standards Articles",
      "description": "A list of established guidelines or criteria that define specific requirements an organization must follow.",
      "type": "kb_article",
      "is_array": true
    },
    "control": {
      "requirement": "recommended",
      "caption": "Security Control",
      "description": "A Control is a prescriptive, prioritized, and simplified set of best practices that one can use to strengthen their cybersecurity posture. e.g. AWS SecurityHub Controls, CIS Controls.",
      "type": "string_t"
    },
    "requirements": {
      "requirement": "optional",
      "caption": "Compliance Requirements",
      "description": "A list of requirements associated with a specific control in an industry or regulatory framework. e.g. <code> NIST.800-53.r5 AU-10 </code>",
      "type": "string_t",
      "is_array": true
    },
    "standards": {
      "requirement": "required",
      "caption": "Security Standards",
      "description": "Security standards are a set of criteria organizations can follow to protect sensitive and confidential information. e.g. <code>NIST SP 800-53, CIS AWS Foundations Benchmark v1.4.0, ISO/IEC 27001</code>",
      "type": "string_t",
      "is_array": true
    },
    "status": {
      "description": "The resultant status of the compliance check normalized to the caption of the <code>status_id</code> value. In the case of 'Other', it is defined by the event source.",
      "requirement": "recommended",
      "caption": "Status",
      "type": "string_t"
    },
    "status_code": {
      "description": "The resultant status code of the compliance check.",
      "requirement": "optional",
      "caption": "Status Code",
      "type": "string_t"
    },
    "status_detail": {
      "description": "The contextual description of the status and status_code values.",
      "requirement": "optional",
      "caption": "Status Details",
      "type": "string_t"
    },
    "status_id": {
      "description": "The normalized status identifier of the compliance check.",
      "enum": {
        "1": {
          "caption": "Pass",
          "description": "The compliance check passed for all the evaluated resources."
        },
        "2": {
          "caption": "Warning",
          "description": "The compliance check did not yield a result due to missing information."
        },
        "3": {
          "caption": "Fail",
          "description": "The compliance check failed for at least one of the evaluated resources."
        },
        "0": {
          "caption": "Unknown",
          "description": "The status is unknown."
        },
        "99": {
          "caption": "Other",
          "description": "The event status is not mapped. See the <code>status</code> attribute, which contains a data source specific value."
        }
      },
      "requirement": "recommended",
      "caption": "Status ID",
      "sibling": "status",
      "type": "integer_t"
    },
    "raw_data": {
      "group": "context",
      "caption": "Raw Data",
      "description": "The event data as received from the event source.",
      "type": "json_t"
    },
    "record_id": {
      "description": "Unique identifier for the object",
      "group": "primary",
      "requirement": "required",
      "caption": "Record ID",
      "type": "string_t"
    },
    "unmapped": {
      "caption": "Unmapped Data",
      "description": "The attributes that are not mapped to the event schema. The names and values of those attributes are specific to the event source.",
      "type": "unmapped",
      "is_array": true
    }
  }
}