Security Posture Management Regulatory Compliance Standards
Netskope continuously assesses your environment and measures against the following security compliance benchmarks and best practices.
CIS Benchmark
Center for Internet Security (CIS) is a nonprofit organization that identifies, develops, validates, promotes, and sustains best practice solutions for cyber defense and build and lead communities to enable an environment of trust in cyberspace. CIS Benchmarks provide global standards for internet security and are a recognized global standard and best practices for securing IT systems and data against attacks. CIS Benchmarks consist of a set of rules for a subset of AWS with an emphasis on foundation, testable, and architecture agnostic settings.
Payment Card Industry Data Security Standard
The Payment Card Industry Data Security Standard (PCI-DSS) was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally. PCI-DSS provides a baseline of technical and operational requirements designed to protect account data. PCI-DSS applies to all entities involved in payment card processing—including merchants, processors, acquirers, issuers, and service providers. PCI-DSS also applies to all other entities that store, process or transmit cardholder data (CHD) and/or sensitive authentication data (SAD).
Netskope Public Cloud Security delivers an out of the box profile to verify configuration check for PCI-DSS 3.2.1 compliance. The out of the box rules in the profile can be used as is for PCI compliance assessment. You can also customize these rules and tailor them to suit your security objectives.
NIST Framework
The National Institute of Standards and Technology (NIST) Framework provides a comprehensive approach to Identify, Protect, Detect, Respond, and Recover from cybersecurity incidents. The Framework enables organizations to apply the principles and best practices of risk management to improving security and resilience. Netskope Public Cloud Security automates monitoring for compliance with the NIST CSF v 1.1 and NIST 800-53 r4 policies.