
ISO 27001 & PCI-DSS Controls Mapped, Change History Now On Warden

Besides more comprehensive support and an important new feature, the new Warden release includes a brand new dashboard and more UI fixes.

Summary of Updates

  • New Overview dashboard shows a detailed breakdown of infrastructure by account, region, and resource type
  • Change History tracks trends in how your cloud environment evolves
  • New Rules, Resources, Compliance views
  • Control level mapping for ISO 27001, PCI-DSS, and BNM-RMiT
  • New Check Details for greater efficiency

Warden Overview Dashboard

The new Warden Overview Dashboard provides a snapshot of your cloud security posture, consolidating the data from your Warden scans. See the breakdown of your cloud infrastructure by account, region, and resource type. Immediately identify newly introduced security risks in your critical environments to assess which ones need special attention.

Change History

A major highlight in the new dashboard is Change History. Change History aims to answer the question: What has changed in my cloud environment? Immediately see the past actions you have taken on your findings, and address new findings on the go.

Rules, Resources, Compliance

The streamlined Warden UI, which comes with added filters, is divided into:

Rules

Group risks by rules so it is easy to identify affected resources.

Resources

You can now see the list of all your EC2 instances, security groups, S3 buckets, and other resources. In this view, you can individually assess security posture against your chosen compliance standard.

Compliance

Your compliance posture at a glance, loaded with report generation and rule suppression.

With the release of the new Rules and Resources pages with enhanced functionality, we will shortly be removing the Inspect and Detect pages for Warden-only customers. 

New Compliance Standards 

Also added to Warden’s Compliance features are control mappings for:

  • International Standards Organization 27001 (ISO 27001), the gold standard for information security management system (ISMS) frameworks
  • Bank Negara Malaysia – Risk Management in Technology (BNM-RMiT), legally binding standards aimed at making financial institutions operating in Malaysia resilient to cybersecurity threats
  • Payment Card Industry Data Security Standard (PCI-DSS), for all organizations that handle credit cards from the major card schemes

We also added compliance-level mapping for the Australian Prudential Regulation Authority’s (APRA) Prudential Practice Guide. APRA is an independent statutory authority that governs banking, insurance, and other financial institutions in Australia.

Check Details

See your affected rules and resources and take action accordingly, whether it is to:

  • Go to your cloud provider's console to triage the issue
  • Edit the risk level or suppress the check
  • Export the check to your integrated task manager

Learn all about the flagged issues with the additional context provided directly within this view. Also, see the history of a particular check for past statuses and actions taken.

Raphaël Peyret

Raphaël Peyret is the Horangi Director of Product. He is an innovation enthusiast with an engineering and international background.
