kics icon indicating copy to clipboard operation
kics copied to clipboard
verified publisher icon Checkmarx

Any plans to incorporate various compliance/control frameworks?

Open corydorning opened this issue 3 years ago • 2 comments

Would be nice if there was a way to configure queries based on the various compliance frameworks, such as the Cloud Security Alliance (CSA) CCM instead of just the Center for Internet Security (CIS) benchmark standards.

Something similar to what Prisma Cloud can do from a policy standpoint.

corydorning avatar May 03 '22 15:05 corydorning

just checking in to see if maybe this was on the roadmap. :D

corydorning avatar May 10 '22 18:05 corydorning

Hi @corydorning thanks for your question! Compliance related features are being considered for the enterprise version of KICS (meaning, KICS running on Checkmarx's platform). Of course, any query added to cover the mentioned guidelines will be added to KICS open source, for general usage!

We'd love if you could use our Github Discussions panel for questions/suggestions like these. WDYT?

nunoocx avatar May 11 '22 08:05 nunoocx

Our plan is to likely use the Enterprise version. Assuming that, is there an ETA on such compliance related features?

Sent from my iPhone

On May 11, 2022, at 4:40 AM, Nuno Oliveira @.***> wrote:

 Hi @corydorning thanks for your question! Compliance related features are being considered for the enterprise version of KICS (meaning, KICS running on Checkmarx's platform). Of course, any query added to cover the mentioned guidelines will be added to KICS open source, for general usage!

We'd love if you could use our Github Discussions panel for questions/suggestions like these. WDYT?

— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.

corydorning avatar Oct 11 '22 09:10 corydorning