https://www.armosec.io/blog/kubernetes-hardening-guidance-summary-by-armo/?utm_source=github&utm_medium=repository
CIS
CIS WorkBench / Home (cisecurity.org) 可以注册看CIS条例
CIS Downloads (cisecurity.org)
adeliarisk.com/wp-content/uploads/2021/02/ea379fb337eb5d3def3e80339a91ff90.pdf
GitHub - mez-0/cis-benchmarks: CIS Benchmarks as of 20/05/2020
Center for Internet Security (CIS) Benchmarks (adeliarisk.com)
HIPPA
Best Practices for Kubernetes Compliance Under HIPAA | ARMO (armosec.io)
https://storage.pardot.com/799323/16758742307JCwZvhM/CIS_Controls_v8_Mapping_to_HIPAA_2_2023.xlsx
HIPAA Compliance Checklist - What Is HIPAA Compliance? (atlantic.net)
The Security Rule | HHS.gov
eCFR :: 45 CFR Subtitle A Subchapter C -- Administrative Data Standards and Related Requirements
GDPR
General Data Protection Regulation (GDPR) – Official Legal Text (gdpr-info.eu)
Kubernetes Compliance under GDPR | ARMO (armosec.io)
从GDPR看企业数据安全合规建设 (renrendoc.com)
A Guide to GDPR Compliance for Containers and the Cloud – Sysdig
Achieve and Enforce GDPR Compliance for Containers & Kubernetes (neuvector.com)
AWS GDPR compliance with Sysdig Secure – Sysdig
Kubernetes Compliance under GDPR | ARMO (armosec.io)
Preparing Container-Based Applications for GDPR: What You Need to Know (aquasec.com)
GDPR Compliance and Kubernetes Environments (cyberlands.io)
Preparing Container-Based Applications for GDPR: What You Need to Know (aquasec.com)
PCI-DSS
PCI Compliance for Containers and Kubernetes – Sysdig
listings.pcisecuritystandards.org/documents/PCI_DSS-QRG-v3_2_1.pdf
Payment Card Industry Data Security Standard (pcisecuritystandards.org)
Containers and PCI DSS: 10 requirements financial services must follow - FinTech Futures
PCI & CIS: Partners in Data Security (cisecurity.org)
PCI DSS Prioritized Approach for PCI DSS 3.2 (pcisecuritystandards.org)
NIST相关
NIST 800-53 compliance for containers and Kubernetes | Sysdig
Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1 (nist.gov)
NIST 800-53 compliance for containers and Kubernetes | Sysdig
Application Container Security Guide (nist.gov)NIST SP800-190(中文版) - 道客巴巴 (doc88.com)
11 种微服务和容器安全最佳实践(下) - 嘶吼 RoarTalk – 网络安全行业综合服务平台,4hou.com
等保2.0 VS NIST800-53之账户管理 | SDNLAB | 专注网络创新技术
NIST SP 800-190 Application Container Security | Sysdig
GUIDE. NIST 800-190 Application Security Guide Checklist (lookbookhq.com)
工具
GitHub - prowler-cloud/prowler: Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
相关资料
Compliance Dashboard (paloaltonetworks.com)文章来源:https://www.toymoban.com/news/detail-607490.html
文章来源地址https://www.toymoban.com/news/detail-607490.html
到了这里,关于k8s合规的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
