Metadata linking AVD to other security control baselines? #5523
brsolomon-deloitte started this conversation in Documentation
Replies: 1 comment
-
You can see compliance related checks here: https://avd.aquasec.com/compliance. Here's an example: https://avd.aquasec.com/misconfig/aws/iam/avd-aws-0140/. We offer the complete spec here (and other specs): https://github.com/aquasecurity/defsec/blob/v0.93.1/rules/specs/compliance/aws-cis-1.2.yaml
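The compliance spec linked in the answer is where the control-to-check metadata lives: each control in the YAML cites the AVD check IDs that implement it. The following is an added example (not code from Aqua, defsec or trivy) of how a practitioner would consume that file: invert the spec into a check-to-control index, then join it with trivy's JSON misconfiguration output to get a per-control verdict and a list of failing checks that no control in the baseline cites. The spec fragment is a constructed dict shaped like the defsec compliance YAML (`spec` -> `controls[]` -> `checks[].id`); in real use you would load `aws-cis-1.2.yaml` with `yaml.safe_load()`. The control numbers, control names, the mapping of AVD IDs to controls, and the trivy results are all illustrative, not taken from the real benchmark or a real scan.

```python
"""Join a defsec/trivy compliance spec with trivy misconfiguration results.

Added example for this discussion; not code from Aqua, defsec or trivy.
SPEC mirrors the layout of the defsec compliance YAML files
(spec -> controls[] -> checks[].id). Control numbering, names and the
AVD-to-control mapping below are constructed for illustration only.
"""
import json
from collections import defaultdict

# Constructed fragment shaped like rules/specs/compliance/aws-cis-1.2.yaml.
# Control IDs, names and which AVD checks they cite are NOT the real benchmark.
SPEC = {
    "spec": {
        "id": "aws-cis-1.2",
        "title": "AWS CIS Foundations v1.2 (constructed fragment)",
        "controls": [
            {"id": "1.1", "name": "root-account-hygiene", "severity": "LOW",
             "checks": [{"id": "AVD-AWS-0140"}]},
            {"id": "2.1", "name": "cloudtrail-settings", "severity": "HIGH",
             "checks": [{"id": "AVD-AWS-0014"}, {"id": "AVD-AWS-0015"}]},
            # A control with no automated check can only be verified manually.
            {"id": "3.1", "name": "manual-review-control", "severity": "MEDIUM",
             "checks": []},
            {"id": "4.1", "name": "eks-control-plane-logging", "severity": "MEDIUM",
             "checks": [{"id": "AVD-AWS-0038"}]},
        ],
    }
}

# Constructed trivy JSON output (shape of `trivy config -f json`). PASS rows
# only appear in real output when trivy is run with --include-non-failures.
TRIVY_RESULTS = json.dumps({
    "Results": [
        {"Target": "main.tf", "Class": "config", "Type": "terraform",
         "Misconfigurations": [
             {"AVDID": "AVD-AWS-0140", "Status": "FAIL", "Severity": "LOW"},
             {"AVDID": "AVD-AWS-0014", "Status": "PASS"},
             {"AVDID": "AVD-AWS-0015", "Status": "PASS"},
             {"AVDID": "AVD-AWS-0999", "Status": "FAIL"},  # cited by no control
         ]},
    ]
})


def check_to_controls(spec):
    """Invert the spec: AVD check ID -> list of control IDs that cite it."""
    index = defaultdict(list)
    for control in spec["spec"]["controls"]:
        for check in control.get("checks") or []:
            index[check["id"].upper()].append(control["id"])
    return dict(index)


def _observed_statuses(trivy_json):
    """AVD check ID -> worst status seen across all targets (FAIL beats PASS)."""
    seen = {}
    for result in json.loads(trivy_json).get("Results", []):
        for m in result.get("Misconfigurations") or []:
            key = m["AVDID"].upper()
            if seen.get(key) != "FAIL":
                seen[key] = m.get("Status", "FAIL")
    return seen


def control_status(spec, trivy_json):
    """Per-control verdict.

    FAIL    - at least one cited check failed
    PASS    - every cited check was seen and passed
    UNKNOWN - a cited check produced no result (check not run, or PASS rows
              omitted because --include-non-failures was not used)
    MANUAL  - the control cites no automated check
    """
    seen = _observed_statuses(trivy_json)
    verdicts = {}
    for control in spec["spec"]["controls"]:
        checks = [c["id"].upper() for c in control.get("checks") or []]
        if not checks:
            verdicts[control["id"]] = "MANUAL"
            continue
        statuses = [seen.get(c) for c in checks]
        if "FAIL" in statuses:
            verdicts[control["id"]] = "FAIL"
        elif None in statuses:
            verdicts[control["id"]] = "UNKNOWN"
        else:
            verdicts[control["id"]] = "PASS"
    return verdicts


def unmapped_checks(spec, trivy_json):
    """Failing checks that no control in the spec cites: findings the baseline
    report would silently drop."""
    index = check_to_controls(spec)
    seen = _observed_statuses(trivy_json)
    return sorted(k for k, status in seen.items()
                  if status == "FAIL" and k not in index)


if __name__ == "__main__":
    print(check_to_controls(SPEC))
    print(control_status(SPEC, TRIVY_RESULTS))
    print(unmapped_checks(SPEC, TRIVY_RESULTS))
```

The UNKNOWN verdict is the one to watch: a control whose check never produced a result is not a pass, and by default trivy omits passing checks from its output, so a baseline report built this way must be fed results from a run with `--include-non-failures` or it will report every satisfied control as UNKNOWN.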
-
Description
Hello - our team is seeking to better understand if the Aqua vulnerability database, specifically the misconfig database for AWS, contains any metadata that can be used to link individual misconfiguration rules to other security control baselines. Furthermore, how is the misconfig AVD formed? Are the rules arbitrarily curated and created, or do they represent feeds from other sources?
Let's take a concrete example - the Enable Control Plane Logging for EKS rule (avd-aws-0038). Does the AVD contain any metadata that links this rule back to one or more of:
The entry for Enable Control Plane Logging shows a CSPM ID of eks-logging-enabled. What specific CSPM database does this refer to?
Link
No response
Suggestions
It would be nice to leverage trivy (formerly the capability of tfsec) to provide a means of partial verification/implementation of different cloud security configuration baselines such as NIST 800-53/FedRAMP, CIS AWS benchmarks, and AWS FSBP. However, the public-facing AVD doesn't currently seem to contain metadata that can link back to these other control baselines.