How to Monitor Compliance with Falcon Horizon
Introduction
The adoption of public cloud infrastructure has resulted in a larger attack surface and different types of security risk. A large percentage of breaches involving cloud deployments can be traced back to issues with human error and misconfiguration. As a result, organizations like the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST) have developed best practices and guidelines to help companies hold themselves accountable and protect cloud deployed applications and data.
Video
Falcon Horizon Compliance Dashboards
CrowdStrike’s CSPM solution, Falcon Horizon, delivers visibility and assessment of multi-cloud deployments while also reporting compliance status for CIS benchmarks. Directly from the Falcon Horizon user interface, there is a menu option to open various compliance dashboards for each supported cloud provider.
This dashboard reflects AWS assessment findings with a direct correlation to CIS benchmarks. There are breakdowns by severity, benchmark, service and account. Each chart area is clickable providing fast access to the supporting details. In this example, there are eleven total findings across four different services. The majority represent benchmarks related to AWS Foundations, while others fall into the AWS Web Architecture category.
This sample PCI dashboard reports five findings for GCP across two services and two different benchmarks.
Detailed Compliance Findings
The supporting details are included below the charts. They can be filtered by clicking a chart area or using the filter options shown below. From this page, each line item links to the specific findings.
Along with the individual findings, CrowdStrike provides the remediation steps, alert logic and MITRE ATT&CK information for each policy. Links to any related compliance information are also available for quick reference throughout the Falcon Horizon user interface.
Compliance Documentation
Having easy access to correlated compliance standards helps organizations make informed decisions about policies and prioritized remediation efforts. In addition to description, rationale and impact statements, the compliance details include both audit and remediation procedures.
Conclusion
The use of public cloud infrastructure increases an organization’s attack surface as well as risk around human error, misconfigurations and compliance issues. Falcon Horizon not only delivers mutli-cloud visibility and assessment, but also easy to reference dashboards and documentation to help companies measure and achieve compliance targets.
