Shujinko announced a major update to AuditX, the system of record for enterprise compliance data. This update significantly broadens the platform’s automated data collection to cover firewall configuration, vulnerability scans, encryption certificates and more, along with offering new integrations with third party data sources including Okta, GitHub, Tenable and GitLab.
The update also adds Google Cloud Platform to its existing AWS and Azure support and extends automation across common enterprise regulatory frameworks, including SOC 1, SOC 2, PCI DSS, ISO 27001, NIST and FedRAMP.
Together, these changes deliver the automated evidence collection and workflow integration enterprises need to secure the cloud-first world.
“This update is a major step towards Shujinko’s goal of helping enterprises achieve better cloud security by creating a system of record for all compliance data,” said Scott Schwan, Co-Founder and CEO at Shujinko.
“As hybrid environments and the proliferation of SaaS platforms continue to complicate enterprise security and data privacy, there is a huge need to automate and centralize compliance data collection and workflows. We believe AuditX can fill this void by ensuring this important security data is current, organized and actionable.”
Security and compliance are critical concerns for the enterprise, yet modern cloud infrastructure can significantly complicate data collection and audit workflow, which are both currently accomplished through a highly manual process.
Research shows that more than 70% of CISOs face multiple audits in the next six months while struggling with poor tools, conflicting priorities, limited resources and now remote management. There is a clear desire for a more automated and efficient audit process that saves time and improves visibility.
AuditX is the first platform to deliver this automation for multiple audits and multiple compliance standards across multiple clouds and SaaS infrastructure.
AuditX is a cloud compliance automation platform that makes audit preparation and compliance fast (audits can be completed in one-third the usual time), efficient, visible, intuitive and extensible across cloud platforms and SaaS systems.
This update to AuditX includes the following:
- Evidence crosswalk reports that show users what percentage of different audit frameworks they have completed based on the evidence collected for their current audit. For example, if they have all evidence collected for a PCI DSS audit, the report will show that they have up to 85% of the evidence required for a NIST-CSF audit. This allows users to collect evidence once and leverage it across multiple standards and audits, saving precious DevOps and software engineering resources.
- Additional automated collectors for technical evidence regarding firewalls, vulnerability scans and encryption certificates, adding to existing collection automation for network segmentation, key management, database and storage configuration and more.
- Added new automated evidence collectors for Okta, GitHub, GitLab, Google Workspace and Tenable to enable AuditX to pull technical evidence from these third-party sources with the push of a button. These join existing integrations with Splunk, Datadog, CloudFlare, Office 365 and JIRA.
- Support for Google Cloud Platform.
- Increased the number of audit frameworks supported in AuditX. Shujinko now supports SOC 1/SSAE, SOC 2, the Payment Card Industry Data Security Standard (PCI DSS), ISO 27001, the NIST Cybersecurity Framework (CSF), NIST 800-53 and the Federal Risk and Authorization Management Program (FedRAMP).
- A new feature that allows auditors to view multiple clients and audits in a single pane of glass to streamline evidence review and compliance certification.
from Help Net Security https://ift.tt/2P6aEJ1
0 comments:
Post a Comment