Dashboard: Compliance Summary
View a history of changes to security checks.
Where Can I Use This? What Do I Need?
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.
You can view a history of changes to the security checks made up to 12 months in the past, grouped by the Center for Internet Security (CIS) and the National Institute of Standards and Technology (NIST) frameworks. For each framework, you’ll see a list of controls and, for each control, the current and average compliance rates as percentages, the total number of best practice checks, and the number of failed checks.
Interact with the chart and the list to see the relationship between controls and their historical statistics. View details of individual controls and their associated checks, and select a best practice check to view the firewall configuration that is failing the check.
The CIS Critical Security Controls framework is a prioritized set of recommended actions and best practices that help protect organizations and their data from known cyberattack vectors. You can view check summaries for 11 of the 16 basic and foundational CIS controls:
  • CSC 3: Continuous Vulnerability Management
  • CSC 4: Controlled Use of Administrative Privileges
  • CSC 6: Maintenance, Monitoring, and Analysis of Audit Logs
  • CSC 7: Email and Web Browser Protections
  • CSC 8: Malware Defenses
  • CSC 9: Limitation and Control of Network Ports, Protocols, and Services
  • CSC 11: Secure Configuration for Network Devices, such as Firewalls, Routers, and Switches
  • CSC 12: Boundary Defense
  • CSC 13: Data Protection
  • CSC 14: Controlled Access Based on the Need to Know
  • CSC 16: Account Monitoring and Control
The NIST Cybersecurity Framework SP 800-53 Controls framework provides guidance for federal agencies and other organizations to implement and maintain security and privacy controls for their information systems. You can view check summaries for eight families of NIST controls:
  • AC: Access Control
  • AU: Audit and Accountability
  • CM: Configuration Management
  • CP: Contingency Planning
  • IA: Identification and Authentication
  • RA: Risk Assessment
  • SC: System and Communications Protection
  • SI: System and Information Integrity
To get to the Compliance Summary Dashboard, go to Dashboards, and then select the Compliance Summary tab.
If you don’t see Compliance Summary among the tab choices, select More Dashboards, and then select the checkbox for Compliance Summary from the choices listed under Posture.
A) Security Controls selector
Select CIS or NIST controls
B) Filter by
  • Device
  • Time-frame
    • Past 7 Days
    • Past 30 Days
    • Past 90 Days
    • Past 6 Months
    • Past 12 Months
C) Sort by
  • Control CSC Number
  • Current Passing %
  • % Change
  • Number of Failed Checks
D) Line Chart
  • Passing % - Shows passing percentage for a given check type.
  • Timeline - Shows when the percentage was measured for a given check type.
E) Check List
  • Stats
    • Average Passing % - Shows the average percentage of passing checks.
    • 12-Month Change - Shows change over a 12-month period.
    • Checks Failed - Shows the number of failed checks.
  • Selected Controls - A checkmark brings a control into view on the line chart.
  • Reset - Removes all locks.
  • Collapse All/Expand All - Shows/Hides stats in the list.
  • Lock Line Chart - Keeps locked checks in view on the line chart.
  • Select a control on the list to see the best practice checks it includes.
  • Select a best practice check to view the firewall configuration that is failing the check.