CCM

Leverage AWS API’s to Automate Compliance.

Allgress ComplianceVision (CV)

Organizations are faced with the task of providing assurance that high-rated risk factors are being managed with the appropriate controls in place and that those controls are operating effectively. With increases in the regulatory regime, increasing technology complexity and pressures on cost, the demand is high for productivity improvements in the performance evaluation of internal controls. Allgress ComplianceVision (CV) provides continuous monitoring of control operating effectiveness. CV provides continuous data assurance to verify the integrity of data flowing through systems, as well as continuous risk monitoring and assessment to dynamically measure your organization’s risk.

Allgress CV improves control management and monitoring while reducing the time sink and complexity of traditionally annual, detailed controls assessments. Organizations are able to leverage API’s from AWS as well as AWS Technology Partners, enabling a continuous compliance process.  In addition, policies in configuration content are included for all major compliance frameworks.  With Allgress CV organizations realize cost reductions through improved efficiency and effectiveness, and additionally benefit from increased test coverage, improved timeliness of testing, reduced risk velocity and remediation cost, improved consistency, the ability to identify trends, and comprehensive risk visibility through the Allgress Platform. Allgress CV replaces the manual, error-prone, preventive controls of the past with automated, detective controls to reduce your risk profile.

CV identifies the shared, inherited, and customer specific control statements and demonstrates how you can leverage the AWS Shared Responsibility model to document adherence with applicable compliance standards. Focusing on all major compliance frameworks such as PCI, HIPAA, CJIS, NIST, and FISMA compliance, the portal guides you through the compliance process by providing targeted content at every step of the way. ComplianceVision automates manual compliance functions through integration with current AWS tools.

ComplianceVision will soon support all major cloud platforms, including Microsoft, Google and Oracle.

 

Key Features:

CompliancaImages.png
  • Continuous control monitoring for early detection of compliance violations and comprehensive risk analysis

  • Automated, scheduled API calls, gathering information data, that allows you to map back to controls and standards for compliance

  • Ability to set up notifications for non-compliance and auto generate remediation tickets

  • Built-in, intuitive workflows

  • Includes compliance policies and control statements

  • Document, upload and create AWS configurations that align with leading industry security control frameworks.

  • Utilize the self-assessment survey to document system security architecture, and configure AWS environments in accordance with relevant regulatory requirements.

  • Utilize the Policy Module to store, track, and align policy statements to security and compliance control references, as well as track when they were issued.

  • Broad compliance coverage, including GDPR, FedRamp, CJIS, PCI, HIPAA, NIST 800-53, FISMA, and IRS 1075.

  • Easy to use compliance assessment workflow and results repository

  • Sample Policy and Procedures individualized for compliance framework

  • Integration with AWS for automated compliance reviews

 


CV Scoreboard
Allgress’ innovative approach towards automating the process of streamlined compliance will significantly decrease the time and effort for assessing and reporting compliance capabilities of AWS customer workloads.
— Troy Bertram, General Manager, Worldwide Public-Sector Business Development, Amazon Web Services, Inc.