sonar-cloudformation-plugin icon indicating copy to clipboard operation
sonar-cloudformation-plugin copied to clipboard

Published 20 hours ago verified publisher icon Hack23

Iso 27001 grouping

Open pethers opened this issue 4 years ago • 1 comments

Is your feature request related to a problem? Please describe. For each rule add which iso 27001 area the rule belongs to, example https://github.com/toniblyx/prowler/blob/master/groups/group18_iso27001

Describe the solution you'd like Add info to rule description

Describe alternatives you've considered add tags for rules

Additional context

pethers avatar Feb 23 '21 22:02 pethers

Map nist - >

iso27001-a-9-2 : A.9 Access Control A.9.2 User Access Management iso27001-a-9-3 : A.9 Access Control A.9.3 User Responsibilities iso27001-a-9-4 : A.9 Access Control A.9.4 System and Application iso27001-a-10-1 : A.10 Cryptography A.10.1 Cryptographic Controls iso27001-a-12-3 : A.12 Operations Security A.12.3 Information Backup iso27001-a-12-4 : A.12 Operations Security A.12.4 Logging and Monitoring iso27001-a-12-6 : A.12 Operations Security A.12.6 Technical Vulnerability Management iso27001-a-13-1 : A.13 Communications Security A.13.1 Network Security Management iso27001-a-14-2 : A.14 System acquisition, dev & maintenance A.14.2 Security in Dev & Support iso27001-a-18-1 : A.18 Compliance A.18.1 Compliance with Legal and Regulatory Reqs

pethers avatar May 23 '21 15:05 pethers