Category: Configuration, compliance, and auditing

Based on Knowit’s ADAM guide, this blog post provides practical insights and strategies for achieving GDPR compliance in AWS environments, including essential frameworks for managing compliance obligations and leveraging AWS features and services. The post outlines a structured seven-step approach to systematically assess and document GDPR compliance while emphasizing the importance of understanding data controller and processor roles, encryption requirements, and cross-border data transfer considerations.

The integration of artificial intelligence (AI) technologies is rapidly gaining momentum across various industries, offering a variety of business advantages. However, without implementing robust AI security measures, organizations may face substantial risks, including model poisoning and sensitive data breaches. Learn how Orca Security provides effective strategies to mitigate and prevent these potential threats.

HashiCorp announces the general availability of pre-written Sentinel policies for AWS. With this new release, AWS customers can gain the immediate benefit of Sentinel policy as code, without having to invest in the heavy lifting of writing their own Sentinel policies from scratch.

By Shaked Rotlevi, Technical Product Marketing Manager – Wiz By Faizan Mahmood, Global Partner Account Manager – AWS Wiz On May 12, 2021 President Biden released the Executive Order on Improving the Nation’s Cybersecurity. The Executive Order aims to strengthen the Federal government’s cybersecurity posture and protect the nation’s critical infrastructure from cyber threats. Among […]

Governance, risk, and compliance (GRC) programs often require extensive custom controls that address a range of compliance standards and internal governance objectives. AWS Audit Manager helps to continuously audit cloud usage to simplify risk assessment and compliance with regulation and industry standards. Learn how MetricStream has collaborated with AWS to facilitate the controls and evidence collection hand-off between AWS Audit Manager and MetricStream CyberGRC.

Being able to support varying tenant configurations is a common requirement for SaaS providers. Learn how LaunchDarkly creates varied tenant experiences with entitlement flags and how to model entitlements as feature flags, targeted to tiers to give tenants access to specific features. We’ll also dive into ways you can use the LaunchDarkly feature for flagging deployments/releases, doing progressive rollouts, or running experimentation—all important release practices for SaaS providers.

Learn how Drata’s suite of continuous automated compliance solutions can help accelerate SaaS providers’ journey to compliance frameworks. These solutions allow customers, such as SaaS providers, to monitor their diverse workload spread across multiple accounts, and customize the controls they need to apply for their chosen compliance framework, and any of the other 14+ frameworks to which Drata has mapped their controls.