Why is there a discrepancy between the number of policies in Prisma Cloud versus AWS Security Hub for the same compliance standard?
3138
Created On 09/21/22 18:06 PM - Last Modified 08/23/24 15:00 PM
Question
Why is there a discrepancy between the number of policies in Prisma Cloud versus AWS Security Hub for the same compliance standard?
- For example, in the compliance standard "AWS Foundational Security Best Practices Standard"
- Prisma Cloud reports 61 policies where as AWS reports 139.
Environment
Answer
Whenever any compliance standard support is added, we consider the existing policies in Prisma Cloud for mapping and roll out the support for the specific standard. During the mapping process, we leave out the requirements/sections (Controls in the standard) for which we don't find the appropriate mappings.
As the unmapped controls become direct policy gaps, our Policy team takes the identified gaps for further analysis and implements the appropriate policy and makes it available for mapping.
Our Policy team works diligently to update and add additional support for all compliance standards.
Policies and Standards that have been added for support can be seen via our monthly product enhancements and updates page(link here) .