Cloud One - Conformity platform best practice rules
Conformity ensures best practice of the usage of its own solution by checking the following rules
- Cloud Conformity API Keys Rotation (30 Days)
Ensure Cloud Conformity API keys are rotated on a periodic basis as a security best practice.
- Add All AWS Accounts to Cloud Conformity
Ensure that all AWS accounts are added to your Cloud Conformity subscription.
- Users signed in to Conformity from an approved country
Conformity user authentication from a non-approved country has been detected.
- Conformity user has signed in without MFA
Conformity user authentication without MFA has been detected.
- Monitor Cloud Conformity Configuration Changes
Rule administrative configuration changes have been detected within your Cloud Conformity account.
- Cloud Conformity Custom Policy Version
Ensure that your AWS account is using the latest version of Cloud Conformity custom access policy.
- Trend Micro Cloud One™ – Conformity Insufficient Access Permissions
Ensure that the Conformity Bot has all the permissions required to perform its latest checks.
- Enable Cloud Conformity Multi-Factor Authentication
Ensure that Multi-Factor Authentication (MFA) is enabled to secure your Cloud Conformity account.
- Real-Time Monitoring EventBridge Rule Configuration
Ensure each AWS region has the Conformity Real-Time Monitoring EventBridge rule correctly configured.