Red Canary helps many organizations satisfy or support their compliance controls through our monitoring and security operations. We’re happy to help you and your auditors better understand how Red Canary works behind the scenes.
The following table lists a set of common controls, describes how Red Canary supports those controls, and maps to relevant compliance framework sections.
| Control Family / Name / Activity | How Red Canary Helps Satisfy This Control | ISO27001 | SOC | FedRAMP | PCI-DSS | BSI C5 | HIPAA | NIST 800-171 | CMMC |
|---|---|---|---|---|---|---|---|---|---|
| Asset Management / Inventory Management / The organization maintains an inventory of system devices, which is reconciled in accordance with the organization-defined frequency. | Inventory of monitored endpoints within Red Canary can be used to help satisfy this control. | A.8.1.1 | CC6.1 | CM-8 | 9.6.1 | AM-01 | | 3.4.1 3.4.2 | CM.2.061 CM.2.064 |
| Configuration Management / Configuration Checks / The organization uses mechanisms to detect deviations from baseline configurations in production environments. | Appropriately configured logging and alerting within Red Canary can help satisfy this control. | A.9.4.4 | CC6.8 | CM-6 | 1.2.2 | IDM-12 | 164.306(a)(2) | 3.1.1 | AC.1.001 |
| Incident Response / Incident Response / Confirmed incidents are assigned a priority level and managed to resolution. | Red Canary's incident management process (including tracking and logging within Red Canary) can be used to help satisfy this control. | A.16.1.1 | CC2.2 | IR-4 | 10.6.3 | SIM-01 | 164.308(a)(1)(ii)(D) | 3.3.1 | AU.2.042 |
| Systems Monitoring / Audit Logging / The organization logs critical information system activity. | Logs within Red Canary can be used to help satisfy this control. | A.12.4.1 | CC6.8 | AU-12 | | RB-10 | 164.312(b) | 3.3.1 3.3.2 3.3.5 | AU.2.042 AU.2.041 AU.3.051 |
| Systems Monitoring / Secure Audit Logging / The organization logs critical information system activity to a secure repository. | Logs within Red Canary can be used to help satisfy this control. | | CC7.2 | | 10.5 | | | 3.4.1 3.4.2 3.4.3 3.4.4 3.4.5 3.4.6 3.4.7 3.4.8 | CM.2.061 CM.2.064 CM.2.065 CM.2.066 CM.3.067 CM.3.068 CM.3.069 CM.4.073 |
| Systems Monitoring / Audit Logging: Cardholder Data Environment Activity / The organization logs the following activity for cardholder data environments: • Individual user access to cardholder data • Administrative actions • Access to logging servers • Failed logins • Modifications to authentication mechanisms and user privileges • Initialization, stopping, or pausing of the audit logs • Creation and deletion of system-level objects • Security events • Logs of all system components that store, process, transmit, or could impact the security of cardholder data (CHD) and/or sensitive authentication data (SAD) • Logs of all critical system components • Logs of all servers and system components that perform security functions, for example, firewalls, intrusion-detection systems/intrusion-prevention systems (IDS/IPS), authentication servers, ecommerce redirection servers, and so on. | Logs within Red Canary can be used to help satisfy this control. | | | | 10.1 | | | | |
| Systems Monitoring / Security Monitoring Alert Criteria / The organization defines security monitoring alert criteria, how alert criteria will be flagged, and identifies authorized personnel for flagged system alerts. | Configurable alerts within Red Canary can be used to help satisfy this control. | A.9.4.4 | | AC-2 | 10.8 | IDM-06 | | 3.1.1 3.1.2 3.1.5 3.1.6 3.1.7 3.3.8 3.3.9 | AC.1.001 AC.1.002 AC.2.007 AC.2.008 AC.3.018 AU.3.049 AU.3.050 |
| Systems Monitoring / Security Monitoring Alert Criteria: Privileged Functions / The organization defines security monitoring alert criteria for privileged functions executed by both authorized and unauthorized users. | Configurable alerts within Red Canary can be used to help satisfy this control. | | | | 10.6 | | | | |
| Systems Monitoring / Security Monitoring Alert Criteria: Cardholder System Components / The organization defines security monitoring alert criteria for system components that store, process, transmit, or could impact the security of cardholder data and/or sensitive authentication data. | Configurable alerts within Red Canary can be used to help satisfy this control. | | | | 10.6.1 | | | | |
| Systems Monitoring / System Security Monitoring / Critical systems are monitored in accordance with predefined security criteria and alerts are sent to authorized personnel. Confirmed incidents are tracked to resolution. | Configurable alerts within Red Canary can be used to help satisfy this control. | A.12.4.3 | CC7.2 | AU-2 | 10.2 | IDM-06 | 164.308(a)(1)(ii)(D) | 3.3.1 3.3.2 3.3.8 3.3.9 | AC.1.001 AC.1.002 AU.3.049 AU.3.050 |
| Vulnerability Management / External Alerts and Advisories / The organization reviews alerts and advisories from management-approved security forums and communicates verified threats to authorized personnel. | Configurable alerts, searchable activity logs, and incident management functions within Red Canary can be used to help satisfy this control. | A.16.1.1 | | | 6.1 | | | 3.3.1 | AC.1.001 |
| Vulnerability Management / Vulnerability Remediation / The organization assigns a risk rating to identified vulnerabilities and prioritizes remediation of legitimate vulnerabilities according to the assigned risk. | Threat identification, logging, and alerting within Red Canary can help to satisfy this control. | A.6.1.5 | CC7.1 | CA-7 | 6.1 | RB-17 | 164.306(a)(1) | 3.11.1 3.11.2 3.11.3 3.14.1 3.14.2 3.14.3 3.12.1 3.12.2 3.12.3 | RM.2.141 RM.2.142 RM.2.143 SI.1.210 SI.1.211 SI.2.214 CA.2.158 CA.2.159 CA.3.161 |