The Compliance Assessment dashboard helps customers better
understand how the issues on their external network impact compliance controls.
Not all policies are mapped to the compliance
frameworks as they are released. Cortex® Xpanse™ continues to update
the mapping as frequently as possible in order to ensure the dashboard
is up to date based on the latest policies released in the platform.
a compliance-focused lens and applies it to the Issues policies
in Cortex Xpanse Expander, so customers can better understand how
the issues on their external network impact compliance controls.
Currently available assessments:
Cortex® Xpanse™ worked with its internal subject matter experts
as well as third party experts to develop these mappings against
our policies assuming that all assets have been inventoried already.
The mapping focuses on which policies may need to be reviewed which
could have led to a given service or issue being exposed to the
Internet. On the summary tab, a reviewer may notice similar sets
of detections for all issues. This is intentional as more information
gathering and investigation via a security impact analysis (SIA)
should be conducted to rule out the worst case scenario. As part
of your investigation via the SIA, give consideration for each control
in each framework that is mapped as applicable to your security
and compliance objectives.