Summary of Updates
- New Overview dashboard shows a detailed breakdown of infrastructure by account, region, resource type
- Change History keeps track of trends of how your cloud environment evolves
- New Rules, Resources, Compliance views
- Control level mapping for ISO 27001, PCI-DSS, and BNM-RMiT
- New Check Details for greater efficiency
Warden Overview Dashboard
The new Warden Overview Dashboard provides a snapshot of your cloud security posturecloud security posture, consolidating the data from your Warden scans. See the breakdown of your cloud infrastructure by account, region, and resource type. Immediately identify newly introduced security risks in your critical environments to assess which ones need special attention.
Change History
A major highlight in the new dashboard is Change History. Change History aims to answer the question: What has changed in my cloud environment? Immediately see the past actions you have taken with your findings, and address new findings on-the-go.
Rules, Resources, Compliance
The streamlined Warden UI, which comes with added filters, is divided into:
Rules
Group risks by rules so it is easy to identify affected resources.
Resources
You can now see the list of all your EC2 instances, security groups, S3 buckets, and other resources. In this view, you can individually assess security posture against your chosen compliance standard.
Compliance
Your compliance posture at a glance, loaded with report generation and rule suppression.
As of May 2022, Warden also comes with compliance checks for PCI DSS v4.0PCI DSS v4.0.
With the release of the new Rules and Resources pages with enhanced functionality, we will shortly be removing the Inspect and Detect pages for Warden-only customers.
New Compliance Standards
Also added to Warden’s Compliance features are control mappings for:
- International Standards Organization 27001 (ISO 27001), the gold standard for information security management system (ISMS) frameworks
- Bank Negara Malaysia – Risk Management in Technology (BNM-RMiT), legally binding standards aimed to make financial institutions operating in Malaysia resilient to cybersecurity threats
- Payment Card Industry Data Security Standard (PCI-DSS), for all organizations that handle credit cards from the major card schemes
We also added compliance-level mapping for The Australian Prudential Regulation Authority’s (APRA) Prudential Practice Guide. APRA is an independent statutory authority that governs banking, insurance, and other financial institutions in Australia.
Check Details
See your affected rules and resources and take action accordingly, whether it is to:
- Go to your cloud provider's console to triage the issue
- Edit the risk level or suppress the check
- Export the check to your integrated task manager
Learn all about the flagged issues with the additional context provided directly within this view. Also, see the history of a particular check for past statuses and actions taken.