Compliance Dashboard

Account ****-****-7034 · Last scan: 2 hours ago · Deep Scan · Demo

SOC 2

Type II

74%
PARTIALLY COMPLIANT 32/43

NIST 800-53

Rev 5

68%
PARTIALLY COMPLIANT 129/190

HIPAA

Security Rule

80%
COMPLIANT 24/30

PCI-DSS

v4.0

71%
PARTIALLY COMPLIANT 87/123

GLBA

Safeguards Rule

83%
COMPLIANT 5/6

CIS Benchmark

AWS Foundations

72%
PARTIALLY COMPLIANT 46/64

ISO 27001

2022

76%
PARTIALLY COMPLIANT 71/93

AI / Agentic Risk

Threat Model

63%
PARTIALLY COMPLIANT 5/8

Findings Summary

3 Critical
7 High
12 Medium
9 Low
31 Total

Action Required

CRITICAL
IAM.1

Root account MFA not enabled

CRITICAL
EC2.19

Security group sg-0a3f8e12 allows SSH from 0.0.0.0/0

CRITICAL
EC2.18

Security group sg-0b7c4d99 allows all traffic from 0.0.0.0/0

HIGH
CT.2

No multi-region trail configured

HIGH
IAM.2

User deploy-bot has access keys but no MFA

HIGH
IAM.7

No password policy configured

HIGH
S3.4

Bucket app-logs-staging has no encryption

HIGH
CT.3

Trail prod-trail is not logging

HIGH
RDS.2

RDS instance analytics-db is publicly accessible

HIGH
IAM.2

User ci-pipeline has access keys but no MFA

MEDIUM
S3.1

Bucket temp-uploads missing public access block

MEDIUM
EC2.6

VPC vpc-0f9a8b12 has no flow logs

MEDIUM
IAM.3

User legacy-admin has access key older than 90 days

MEDIUM
KMS.4

KMS key a1b2c3d4-... does not have rotation enabled

MEDIUM
CT.4

Trail prod-trail has no log file validation

MEDIUM
S3.1

Bucket cdn-assets missing public access block

Account is part of AWS Organization with centralized logging

Audit Prep — SOC 2

Auditor questions analysis — see which can be auto-answered and which need documentation

84 Total Questions
52 Pre-Answered
19 Partial
13 Need Attestation
Automation Coverage: 62%

Top Questions Needing Documentation

CC6.1 How does the organization restrict logical access to information assets?
CC6.3 How is access to data restricted based on the principle of least privilege?
CC7.2 How does the organization monitor system components for anomalies?
CC8.1 How are changes to infrastructure authorized and documented?
CC9.1 How does the organization identify and mitigate risks from vendors?

Compliance Scope

Define which resources are in scope for compliance reporting

INCLUDE Tag: Environment=production
EXCLUDE Regions: ap-southeast-1, ap-northeast-1
Default action: Include unmatched resources

This is your dashboard in 5 minutes

Deploy a read-only IAM role via CloudFormation. Get your first compliance report before your coffee gets cold.