Check your compliance with standards
The platform offers a comprehensive view of how well your organization and individual groups are meeting various international cybersecurity standards, as validated by Fluid Attacks. You can find this information in Compliance, which offers two sections:
- Overview: Provides a high-level summary of your overall compliance posture and allows benchmarking it against other organizations
- Standards: Lets you drill down into unfulfilled standards per group and generate detailed reports on any gaps that need to be addressed
Across Compliance, a header provides the following information:
- Compliance level: The percentage corresponding to fulfillment of security requirements within standards
- Weekly trend: The change in compliance during the last week represented as a percentage
- ET to full compliance: A projection of the number of days it might take to address all noncompliance issues, achieving a 100% compliance level
- Standard least complied with: The name of the specific standard where your organization is struggling the most
- Lowest % compliance: The percentage of fulfilled requirements associated with the standard you comply with the least
See an overview of your compliance
Role required: User, Vulnerability Manager or User Manager
Fluid Attacks' platform allows you to gauge your performance relative to your peers. In the Overview section within Compliance, you see how your organization stacks up against the best, worst, and average performance levels in terms of compliance with each of the standards validated by Fluid Attacks.
Check compliance with standards in your groups
Role required: User, Vulnerability Manager or User Manager
The Standards section within Compliance allows you to zoom in on specific groups within your organization and assess their compliance with individual standards.
To examine compliance at a granular level within your groups, do the following:
- Use the dropdown menu next to the title Unfulfilled standards to choose the group you want to analyze. Only groups you have access to are listed.
- Once you have selected a group, you see a breakdown of the standards that the group is not currently meeting in full and the number of security requirements you are yet to implement.
Click on the dropdown menu for the standard to see the names of unfulfilled requirements.
Download reports of requirements needed to reach compliance
Role required: User, Vulnerability Manager or User Manager
In the Standards section, the platform allows you to download comprehensive reports of areas of noncompliance for any selected group. These are the steps:
- In the Standards section within Compliance, select the group for which you need a report.
- Click on the Generate report button to the right.
- In the pop-up window, select whether you want a PDF or CSV file. PDF is advised if you want the links to the security requirements in the report, whereas CSV is advised for further filtering the report (e.g., by requirements). Then choose which standards to include by using the toggle in the Action column.
You can use the Exclude all/Include all toggle to select the desired items more quickly.
- You need a verification code to proceed. Select whether you would like to receive it via SMS or WhatsApp.
- Enter the code you received and click on Verify.
Upon successful verification, the platform informs you that the report is ready, and your browser downloads it.
The downloaded report provides a group-level overview, customized by you. The PDF version shows
- a brief description of the specific standard(s) that the group is not meeting;
- the name(s) of the associated requirement(s) which need to be addressed to achieve compliance, linking to the relevant documentation, and
- the name(s) of the type or types of vulnerabilities associated with the requirement(s), linking to the vulnerability URL(s) in the platform.
The CSV version shows
- the name(s) of the specific standard(s);
- the vulnerability URL(s);
- the name(s) of the type or types of vulnerabilities, and
- the three-number code(s) of the associated requirement(s).