diff --git a/content/en/security/cloud_security_management/misconfigurations/frameworks_and_benchmarks/supported_frameworks.md b/content/en/security/cloud_security_management/misconfigurations/frameworks_and_benchmarks/supported_frameworks.md index 14eeedb6c23..47d03fdd0de 100644 --- a/content/en/security/cloud_security_management/misconfigurations/frameworks_and_benchmarks/supported_frameworks.md +++ b/content/en/security/cloud_security_management/misconfigurations/frameworks_and_benchmarks/supported_frameworks.md @@ -24,8 +24,12 @@ Cloud Security Misconfigurations comes with more than 1,000 out-of-the-box compl | Framework | Supported Versions | Framework Tag | Rule Type | |-------------------------------------------------|--------------------------------|-------------------------------------|--------------------------| -| [AICPA SOC 2][7] | | `soc-2` | Cloud | +| [AICPA SOC 2][7] | 2017 TSC w/ rev POF - 2022 | `soc-2` | Cloud | +| [Australia APRA CPS 234][39] | 2019 | `cps234` | Cloud | +| [Australia ASD Essential 8][40] | 2024 | `essential8` | Cloud | | [AWS Foundational Security Best Practices][13] | v1.0.0 | `aws-fsbp` | Cloud | +| [Brazil LGPD][44] | 2018 | `lgpd` | Cloud | +| [California CCPA/CPRA][38] | Nov 2022 | `ccpa` | Cloud | | [CIS AlmaLinux 9][16] | v2.0.0 | `cis-almalinux9` | Infrastructure | | [CIS Amazon Linux 2023][25] | v1.0.0 | `cis-al2023` | Infrastructure | | [CIS Amazon Linux 2][25] | v3.0.0 | `cis-amzn2` | Infrastructure | @@ -43,11 +47,15 @@ Cloud Security Misconfigurations comes with more than 1,000 out-of-the-box compl | [CIS Ubuntu 20.04][23] | v1.0.0 | `cis-ubuntu2004` | Infrastructure | | [CIS Ubuntu 22.04][23] | v2.0.0 | `cis-ubuntu2204` | Infrastructure | | [CIS Ubuntu 24.04][23] | v1.0.0 | `cis-ubuntu2404` | Infrastructure | +| [CMMC][37] | v2.0 | `cmmc-level-2` | Cloud | | [Digital Operational Resilience Act (DORA)][35] | C(2024) 1532 | `dora` | Cloud | | [Essential Cloud Security Controls][33] | v2 | `essential-cloud-security-controls` | Cloud | +| [EU Cyber Resilience Act][43] | 2024 | `cyber-resilience-act` | Cloud | | [FedRAMP High][36] (Preview) | v5 | `fedramp-high` | Cloud | -| [GDPR][10] | | `gdpr` | Cloud | -| [HIPAA][9] | | `hipaa` | Cloud | +| [FedRAMP Moderate][36] (Preview) | v5 | `fedramp-moderate` | Cloud | +| [FedRAMP Low][36] (Preview) | v5 | `fedramp-low` | Cloud | +| [GDPR][10] | 2016/679 | `gdpr` | Cloud | +| [HIPAA][9] | 800-66-r2 | `hipaa` | Cloud | | [ISO/IEC 27001][8] | 2022, 2013 | `iso-27001` | Cloud | | [NIS2 Directive (EU)][14] | 2022/2555 | `nis2` | Cloud | | [NIST 800-171][31] | v2 | `nist-800-171` | Cloud | @@ -55,6 +63,8 @@ Cloud Security Misconfigurations comes with more than 1,000 out-of-the-box compl | [NIST AI Risk Management Framework][15] | v1.0 | `nist-ai-rmf` | Cloud | | [NIST Cybersecurity Framework][32] | v2.0, v1.1 | `nist-csf` | Cloud | | [PCI DSS][6] | v4.0 | `pci-dss` | Cloud | +| [UK Cyber Essentials][42] | 2024 | `cyber-essentials` | Cloud | +| [Singapore MAS TRM][41] | 2021 | `mas-trm` | Cloud | *To pass the Monitoring Section of the [CIS AWS Foundations benchmark][2], you **must** enable [Cloud SIEM][11] and forward [CloudTrail logs to Datadog][12]. @@ -97,3 +107,11 @@ Cloud Security Misconfigurations comes with more than 1,000 out-of-the-box compl [34]: https://www.cisecurity.org/benchmark/kubernetes [35]: https://www.eiopa.europa.eu/digital-operational-resilience-act-dora_en [36]: https://www.fedramp.gov/ +[37]: https://dowcio.war.gov/CMMC/About/ +[38]: https://oag.ca.gov/privacy/ccpa +[39]: https://www.apra.gov.au/sites/default/files/cps_234_july_2019_for_public_release.pdf +[40]: https://www.cyber.gov.au/business-government/asds-cyber-security-frameworks/essential-eight +[41]: https://www.mas.gov.sg/regulation/guidelines/technology-risk-management-guidelines +[42]: https://www.ncsc.gov.uk/cyberessentials/overview +[43]: https://digital-strategy.ec.europa.eu/en/policies/cyber-resilience-act +[44]: https://www.gov.br/anpd/pt-br/centrais-de-conteudo/outros-documentos-e-publicacoes-institucionais/lgpd-en-lei-no-13-709-capa.pdf \ No newline at end of file