131 lines
7.3 KiB
JSON
131 lines
7.3 KiB
JSON
{
|
|
"_comment": "Compliance rules and checks for various standards.",
|
|
"standards": [
|
|
{
|
|
"name": "SOC2",
|
|
"version": "Type II",
|
|
"description": "SOC 2 is an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients.",
|
|
"categories": [
|
|
{
|
|
"name": "Security",
|
|
"controls": [
|
|
{
|
|
"id": "SOC2-Security-1",
|
|
"description": "Implement multi-factor authentication (MFA) for all user accounts.",
|
|
"type": "check",
|
|
"platform": ["AWS", "Azure", "GCP"],
|
|
"remediation": "Enable MFA on all user accounts. Review access logs for unauthorized access attempts.",
|
|
"check": {
|
|
"type": "script",
|
|
"language": "python",
|
|
"code": "def check_mfa(platform):\n if platform == 'AWS':\n # AWS specific MFA check\n pass\n elif platform == 'Azure':\n # Azure specific MFA check\n pass\n elif platform == 'GCP':\n # GCP specific MFA check\n pass\n return True # Placeholder for actual check\n\ncheck_mfa('AWS')",
|
|
"success_message": "MFA is enabled for all user accounts.",
|
|
"failure_message": "MFA is not enabled for all user accounts. Remediation steps provided."
|
|
},
|
|
"tags": ["authentication", "security"]
|
|
},
|
|
{
|
|
"id": "SOC2-Security-2",
|
|
"description": "Regularly audit and review user access permissions.",
|
|
"type": "check",
|
|
"platform": ["AWS", "Azure", "GCP"],
|
|
"remediation": "Conduct a user access review and revoke unnecessary permissions. Implement a least privilege access model.",
|
|
"check": {
|
|
"type": "api",
|
|
"endpoint": "/users/permissions",
|
|
"method": "GET",
|
|
"success_condition": "all(permission['status'] == 'active' for permission in response)",
|
|
"success_message": "User access permissions are regularly audited and reviewed.",
|
|
"failure_message": "User access permissions are not regularly audited or reviewed. Remediation steps provided."
|
|
},
|
|
"tags": ["authorization", "security"]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"name": "HIPAA",
|
|
"version": "Final Rule",
|
|
"description": "HIPAA sets the standard for sensitive patient data protection. Companies that deal with protected health information (PHI) must have physical, network, and process security measures in place and follow them to ensure HIPAA Compliance.",
|
|
"categories": [
|
|
{
|
|
"name": "Administrative Safeguards",
|
|
"controls": [
|
|
{
|
|
"id": "HIPAA-Admin-1",
|
|
"description": "Implement a security awareness and training program for all employees.",
|
|
"type": "check",
|
|
"platform": ["General"],
|
|
"remediation": "Conduct regular security awareness training sessions. Document the training program and employee participation.",
|
|
"check": {
|
|
"type": "manual",
|
|
"instructions": "Verify that a security awareness and training program is in place and that all employees have completed the training.",
|
|
"success_message": "A security awareness and training program is in place and employees have completed the training.",
|
|
"failure_message": "A security awareness and training program is not in place or employees have not completed the training. Remediation steps provided."
|
|
},
|
|
"tags": ["training", "security", "administrative"]
|
|
},
|
|
{
|
|
"id": "HIPAA-Admin-2",
|
|
"description": "Conduct a risk assessment to identify potential vulnerabilities and threats.",
|
|
"type": "check",
|
|
"platform": ["General"],
|
|
"remediation": "Conduct a comprehensive risk assessment and develop a risk management plan.",
|
|
"check": {
|
|
"type": "manual",
|
|
"instructions": "Review the risk assessment documentation and verify that it addresses potential vulnerabilities and threats.",
|
|
"success_message": "A risk assessment has been conducted and a risk management plan is in place.",
|
|
"failure_message": "A risk assessment has not been conducted or a risk management plan is not in place. Remediation steps provided."
|
|
},
|
|
"tags": ["risk assessment", "security", "administrative"]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"name": "PCI-DSS",
|
|
"version": "4.0",
|
|
"description": "The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment.",
|
|
"categories": [
|
|
{
|
|
"name": "Build and Maintain a Secure Network and Systems",
|
|
"controls": [
|
|
{
|
|
"id": "PCI-DSS-Network-1",
|
|
"description": "Install and maintain a firewall configuration to protect cardholder data.",
|
|
"type": "check",
|
|
"platform": ["AWS", "Azure", "GCP"],
|
|
"remediation": "Review firewall rules and ensure that they are properly configured to protect cardholder data. Implement intrusion detection and prevention systems.",
|
|
"check": {
|
|
"type": "script",
|
|
"language": "python",
|
|
"code": "def check_firewall(platform):\n if platform == 'AWS':\n # AWS specific firewall check\n pass\n elif platform == 'Azure':\n # Azure specific firewall check\n pass\n elif platform == 'GCP':\n # GCP specific firewall check\n pass\n return True # Placeholder for actual check\n\ncheck_firewall('AWS')",
|
|
"success_message": "Firewall is properly configured to protect cardholder data.",
|
|
"failure_message": "Firewall is not properly configured to protect cardholder data. Remediation steps provided."
|
|
},
|
|
"tags": ["firewall", "network", "security"]
|
|
},
|
|
{
|
|
"id": "PCI-DSS-Network-2",
|
|
"description": "Change vendor-supplied defaults for system passwords and other security parameters.",
|
|
"type": "check",
|
|
"platform": ["AWS", "Azure", "GCP"],
|
|
"remediation": "Change all vendor-supplied defaults for system passwords and other security parameters. Implement strong password policies.",
|
|
"check": {
|
|
"type": "api",
|
|
"endpoint": "/systems/defaults",
|
|
"method": "GET",
|
|
"success_condition": "all(system['default_password_changed'] == True for system in response)",
|
|
"success_message": "Vendor-supplied defaults have been changed for system passwords and other security parameters.",
|
|
"failure_message": "Vendor-supplied defaults have not been changed for system passwords and other security parameters. Remediation steps provided."
|
|
},
|
|
"tags": ["password", "security", "defaults"]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
} |