Supported Frameworks

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Cloud Security Misconfigurations comes with more than 1,000 out-of-the-box compliance rules that evaluate the configuration of your cloud resources and identify potential misconfigurations. Each compliance rule maps to one or more controls within the following compliance standards and industry benchmarks.

In Cloud Security, rules with the infrastructure label are applicable to Agent installations.
FrameworkSupported VersionsFramework TagRule Type
AICPA SOC 2soc-2Cloud
AWS Foundational Security Best Practicesv1.0.0aws-fsbpCloud
CIS AlmaLinux 9v2.0.0cis-almalinux9Infrastructure
CIS Amazon Linux 2023v1.0.0cis-al2023Infrastructure
CIS Amazon Linux 2v3.0.0cis-amzn2Infrastructure
CIS AWS Foundations Benchmark*v5.0.0, v4.0.0, v3.0.0, v1.5.0cis-awsCloud
CIS Azure Foundations Benchmarkv4.0.0, v2.0.0cis-azureCloud
CIS Docker Benchmarkv1.2cis-dockerInfrastructure
CIS GCP Foundations Benchmarkv3.0.0cis-gcpCloud
CIS GKEv1.6.0cis-gkeCloud
CIS Kubernetes (AKS) Benchmark**v1.4.0cis-aksCloud and Infrastructure
CIS Kubernetes (EKS) Benchmark**v1.7.0, v1.4.0cis-eksCloud and Infrastructure
CIS Kubernetes Benchmark**v1.9.0cis-kubernetesInfrastructure
CIS Red Hat Linux 7v3.1.1cis-rhel7Infrastructure
CIS Red Hat Linux 8v2.0.0cis-rhel8Infrastructure
CIS Red Hat Linux 9v1.0.0cis-rhel9Infrastructure
CIS Ubuntu 20.04v1.0.0cis-ubuntu2004Infrastructure
CIS Ubuntu 22.04v2.0.0cis-ubuntu2204Infrastructure
Digital Operational Resilience Act (DORA)C(2024) 1532doraCloud
Essential Cloud Security Controlsv2essential-cloud-security-controlsCloud
FedRAMP High (Preview)v5fedramp-highCloud
GDPRgdprCloud
HIPAAhipaaCloud
ISO/IEC 270012022, 2013iso-27001Cloud
NIS2 Directive (EU)2022/2555nis2Cloud
NIST 800-171v2nist-800-171Cloud
NIST 800-53v5nist-800-53Cloud
NIST AI Risk Management Frameworkv1.0nist-ai-rmfCloud
NIST Cybersecurity Frameworkv2.0, v1.1nist-csfCloud
PCI DSSv4.0pci-dssCloud

*To pass the Monitoring Section of the CIS AWS Foundations benchmark, you must enable Cloud SIEM and forward CloudTrail logs to Datadog.

**Some CIS Kubernetes Benchmark compliance rules only apply to self-hosted Kubernetes clusters.

Notes:

  • Cloud Security Misconfigurations provides visibility into whether your resources are configured in accordance with certain compliance rules. These rules address various regulatory frameworks, benchmarks, and standards (Security Posture Frameworks). Cloud Security Misconfigurations does not provide an assessment of your actual compliance with any Security Posture Framework, and the compliance rules may not address all configuration settings that are relevant to a given framework. Datadog recommends that you use Cloud Security Misconfigurations in consultation with your legal counsel or compliance experts.
  • The compliance rules for the CIS benchmarks follow the CIS automated recommendations. If you’re obtaining CIS certification, Datadog recommends also reviewing the manual recommendations as part of your overall security assessment.
  • Datadog also provides Essential Cloud Security Controls, a set of recommendations developed by Datadog internal security experts. Based on common cloud security risks observed by Datadog, this ruleset aims to help users that are new to cloud security remediate high-impact misconfigurations across their cloud environments.

Further reading

Documentation, liens et articles supplémentaires utiles:

Getting started with Cloud Security MisconfigurationsDOCUMENTATION more more Explore default Cloud Security Misconfigurations cloud configuration compliance rulesDOCUMENTATION more more Search and explore misconfigurationsDOCUMENTATION more more Datadog Security extends compliance and threat protection capabilities for Google CloudBLOG more more