Compliance Framework

Panoptica provides the compliance tools you need to meet your business goals. Panoptica scans, monitors, and remediates your cloud stack to ensure that it aligns with a number of key compliance requirements. We offer full compliance and ensure security best practices for AWS, Azure, GCP, and Kubernetes.

The compliance frameworks Panoptica supports include: CIS, PCI-DSS, HIPAA, GDPR, and SOC2 - with custom compliance capabilities coming soon. We continually monitor changing guidelines and measures to ensure that you remain compliant with a wide range of international standards and regulations. See Supported Frameworks for details regarding the frameworks Panoptica supports.

Panoptica assesses not only the relevant compliance benchmarks, but also connects security issues and vulnerabilities found across your cloud stack. See Compliance Calculation to learn how Panoptica calculates compliance.

Viewing Compliance

With Panoptica's compliance capabilities, you can:

  • Visualize full asset metadata in a dynamic dashboard.
  • Verify all relevant compliance requirements.
  • Export reports for efficient sharing.

Go to the Compliance Frameworks tab under Posture Management to view all of the accounts and frameworks that Panoptica is monitoring.

Use the Top Bar Filter to filter the findings by Scope, and Account using the drop-down lists at the top.

Filters and Groupings

You can further refine the results using predefined filters, custom queries, and aggregation:

  • By default, Panoptica displays compliance frameworks for all of your assets. If you prefer to view an individual provider—AWS, GCP, Azure, OCI or Kubernetes—select that button at the top of the screen.

The number beside each provider indicates the number of frameworks that apply to that environment.

  • Use the drop-down Filter option to narrow the results by:
    • Percentage
    • Provider
    • Framework
    • Compliance
  • Type into the Search bar to filter by text in the account parameters.

Frameworks Table

The unfiltered view of the Frameworks table lists all of the resources you have onboarded to Panoptica, and the relevant compliance frameworks against which Panoptica is assessing them. For each Framework Name, the table displays the number of Controls and Sub-controls, as well as a bar chart indicating the Compliance Progress.

  • Click Grouped by to aggregate the displayed results by Provider or Framework
  • Click Sort by to arrange the list by Provider, Framework, Rules, Sections, or Progress.
  • Select which columns are displayed by clicking the Columns button, in the upper right.
  • The list of findings can be downloaded in CSV format, for further review and analysis using Excel or any similar tool.

Click on any row in the table to view additional details about that framework. In addition to summary information about each control, the Controls view also displays bar charts indicating the compliance progress at the control level. This view can be sorted by Number of rules, Control, Progress, or Section.

Expand any row on the Controls table using the chevron (>) at the beginning of the line to drill down to the sub-controls level.

Click on the text in the Sub-Control column to pop up extensive details about that sub-control. In addition to a graphical Compliance Progress indicator, the Sub-Control Details window includes Audit information, Rationale, Description, Remediation, and more, depending on the type of assessment.

For some rules, Panoptica is unable to automatically assess compliance. This is indicated in the Check Type column in the Sub-control table. When the Check Type is Manual, you will see three dots (•••) at the end of that line to open a drop-down list Action menu. Click Set as Compliant if you know that asset or resource to be compliant with the relevant rule or standard.

Drill down further by expanding any row at the sub-control level, again using the chevron (>) at the beginning of the line.

The expanded Sub-control view reveals the type of rule (Network, User, etc.), when relevant. It also indicates the number of assets affected by this rule, and how they fared in the compliance assessment.

Click on the rule text to pop up additional details about that rule. The Rule Details window includes a list of assets affected by this compliance rule, and the accounts where you'll find them.

What’s Next

For details regarding the frameworks Panoptica supports, see Supported Frameworks
To learn how Panoptica calculates compliance, see Compliance Calculation