diff --git a/.github/scripts/compare-controls.go b/.github/scripts/compare-controls.go index 9ff16563f..bc9332e80 100755 --- a/.github/scripts/compare-controls.go +++ b/.github/scripts/compare-controls.go @@ -19,7 +19,7 @@ type Benchmark struct { Children []string `json:"Children" yaml:"Children"` Tags map[string][]string `json:"Tags" yaml:"Tags"` Enabled bool `json:"Enabled" yaml:"Enabled"` - AutoAssign bool `json:"AutoAssign" yaml:"AutoAssign"` + IsBaseline bool `json:"IsBaseline" yaml:"IsBaseline"` Controls []string `json:"Controls" yaml:"Controls"` } diff --git a/compliance/frameworks/aws/aws_acsc_essential_eight.yaml b/compliance/frameworks/aws/aws_acsc_essential_eight.yaml index d0f8348b4..3a62fbc2f 100644 --- a/compliance/frameworks/aws/aws_acsc_essential_eight.yaml +++ b/compliance/frameworks/aws/aws_acsc_essential_eight.yaml @@ -4,7 +4,7 @@ framework: description: The Australian Cyber Security Center (ACSC) Essential Eight is a set of baseline security strategies designed to mitigate cyber security incidents. The Essential Eight is a prioritized list of mitigation strategies that organizations can implement to protect their systems against a range of adversaries. The Essential Eight is based on the Australian Signals Directorate (ASD) Strategies to Mitigate Cyber Security Incidents. section-code: aws_acsc_essential_eight defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_acsc_essential_eight/aws_acsc_essential_eight.yaml b/compliance/frameworks/aws/aws_acsc_essential_eight/aws_acsc_essential_eight.yaml index a19236ae0..cb4afd650 100644 --- a/compliance/frameworks/aws/aws_acsc_essential_eight/aws_acsc_essential_eight.yaml +++ b/compliance/frameworks/aws/aws_acsc_essential_eight/aws_acsc_essential_eight.yaml @@ -4,7 +4,7 @@ framework: description: The Australian Cyber Security Center (ACSC) Essential Eight is a set of baseline security strategies designed to mitigate cyber security incidents. The Essential Eight is a prioritized list of mitigation strategies that organizations can implement to protect their systems against a range of adversaries. The Essential Eight is based on the Australian Signals Directorate (ASD) Strategies to Mitigate Cyber Security Incidents. section-code: aws_acsc_essential_eight defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_all_controls/aws_all_controls.yaml b/compliance/frameworks/aws/aws_all_controls/aws_all_controls.yaml index 8d45da05b..3f09c96c6 100644 --- a/compliance/frameworks/aws/aws_all_controls/aws_all_controls.yaml +++ b/compliance/frameworks/aws/aws_all_controls/aws_all_controls.yaml @@ -4,7 +4,7 @@ framework: description: This benchmark contains all controls grouped by service to help you detect resource configurations that do not meet best practices. section-code: aws_all_controls defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_audit_manager_control_tower/aws_audit_manager_control_tower.yaml b/compliance/frameworks/aws/aws_audit_manager_control_tower/aws_audit_manager_control_tower.yaml index 8f6266db1..94acfbd43 100644 --- a/compliance/frameworks/aws/aws_audit_manager_control_tower/aws_audit_manager_control_tower.yaml +++ b/compliance/frameworks/aws/aws_audit_manager_control_tower/aws_audit_manager_control_tower.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_compute_service_v100/aws_cis_compute_service_v100.yaml b/compliance/frameworks/aws/aws_cis_compute_service_v100/aws_cis_compute_service_v100.yaml index ed953502e..a81fcfa78 100644 --- a/compliance/frameworks/aws/aws_cis_compute_service_v100/aws_cis_compute_service_v100.yaml +++ b/compliance/frameworks/aws/aws_cis_compute_service_v100/aws_cis_compute_service_v100.yaml @@ -26,7 +26,7 @@ framework: version: - v1.0.0 defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_controls_v8_ig1/aws_cis_controls_v8_ig1.yaml b/compliance/frameworks/aws/aws_cis_controls_v8_ig1/aws_cis_controls_v8_ig1.yaml index 7b8d0adfa..ba11f3406 100644 --- a/compliance/frameworks/aws/aws_cis_controls_v8_ig1/aws_cis_controls_v8_ig1.yaml +++ b/compliance/frameworks/aws/aws_cis_controls_v8_ig1/aws_cis_controls_v8_ig1.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_v120/aws_cis_v120.yaml b/compliance/frameworks/aws/aws_cis_v120/aws_cis_v120.yaml index e68850c73..669613089 100644 --- a/compliance/frameworks/aws/aws_cis_v120/aws_cis_v120.yaml +++ b/compliance/frameworks/aws/aws_cis_v120/aws_cis_v120.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_v130/aws_cis_v130.yaml b/compliance/frameworks/aws/aws_cis_v130/aws_cis_v130.yaml index fa79b2717..b8281a646 100644 --- a/compliance/frameworks/aws/aws_cis_v130/aws_cis_v130.yaml +++ b/compliance/frameworks/aws/aws_cis_v130/aws_cis_v130.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_v140/aws_cis_v140.yaml b/compliance/frameworks/aws/aws_cis_v140/aws_cis_v140.yaml index 7ae5cd0cd..b30ce781c 100644 --- a/compliance/frameworks/aws/aws_cis_v140/aws_cis_v140.yaml +++ b/compliance/frameworks/aws/aws_cis_v140/aws_cis_v140.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_v150/aws_cis_v150.yaml b/compliance/frameworks/aws/aws_cis_v150/aws_cis_v150.yaml index 71ab987ac..10cf83d08 100644 --- a/compliance/frameworks/aws/aws_cis_v150/aws_cis_v150.yaml +++ b/compliance/frameworks/aws/aws_cis_v150/aws_cis_v150.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_v200/aws_cis_v200.yaml b/compliance/frameworks/aws/aws_cis_v200/aws_cis_v200.yaml index 234ab6251..c8e4bcd96 100644 --- a/compliance/frameworks/aws/aws_cis_v200/aws_cis_v200.yaml +++ b/compliance/frameworks/aws/aws_cis_v200/aws_cis_v200.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cis_v300/aws_cis_v300.yaml b/compliance/frameworks/aws/aws_cis_v300/aws_cis_v300.yaml index eee2a1add..fbc84f1b6 100644 --- a/compliance/frameworks/aws/aws_cis_v300/aws_cis_v300.yaml +++ b/compliance/frameworks/aws/aws_cis_v300/aws_cis_v300.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: true + is-baseline: true enabled: true tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_cisa_cyber_essentials/aws_cisa_cyber_essentials.yaml b/compliance/frameworks/aws/aws_cisa_cyber_essentials/aws_cisa_cyber_essentials.yaml index e1755f2aa..895336431 100644 --- a/compliance/frameworks/aws/aws_cisa_cyber_essentials/aws_cisa_cyber_essentials.yaml +++ b/compliance/frameworks/aws/aws_cisa_cyber_essentials/aws_cisa_cyber_essentials.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_fedramp_low_rev_4/aws_fedramp_low_rev_4.yaml b/compliance/frameworks/aws/aws_fedramp_low_rev_4/aws_fedramp_low_rev_4.yaml index 567f3c0bd..29f5ecf24 100644 --- a/compliance/frameworks/aws/aws_fedramp_low_rev_4/aws_fedramp_low_rev_4.yaml +++ b/compliance/frameworks/aws/aws_fedramp_low_rev_4/aws_fedramp_low_rev_4.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_fedramp_moderate_rev_4/aws_fedramp_moderate_rev_4.yaml b/compliance/frameworks/aws/aws_fedramp_moderate_rev_4/aws_fedramp_moderate_rev_4.yaml index 403c3d55f..67baeeaa2 100644 --- a/compliance/frameworks/aws/aws_fedramp_moderate_rev_4/aws_fedramp_moderate_rev_4.yaml +++ b/compliance/frameworks/aws/aws_fedramp_moderate_rev_4/aws_fedramp_moderate_rev_4.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_ffiec/aws_ffiec.yaml b/compliance/frameworks/aws/aws_ffiec/aws_ffiec.yaml index 5a026a646..ce342f35e 100644 --- a/compliance/frameworks/aws/aws_ffiec/aws_ffiec.yaml +++ b/compliance/frameworks/aws/aws_ffiec/aws_ffiec.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_foundational_security/aws_foundational_security.yaml b/compliance/frameworks/aws/aws_foundational_security/aws_foundational_security.yaml index e945242a8..c4f07b90a 100644 --- a/compliance/frameworks/aws/aws_foundational_security/aws_foundational_security.yaml +++ b/compliance/frameworks/aws/aws_foundational_security/aws_foundational_security.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_gdpr/aws_gdpr.yaml b/compliance/frameworks/aws/aws_gdpr/aws_gdpr.yaml index 323376a91..fe660b9f7 100644 --- a/compliance/frameworks/aws/aws_gdpr/aws_gdpr.yaml +++ b/compliance/frameworks/aws/aws_gdpr/aws_gdpr.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_gxp_21_cfr_part_11/aws_gxp_21_cfr_part_11.yaml b/compliance/frameworks/aws/aws_gxp_21_cfr_part_11/aws_gxp_21_cfr_part_11.yaml index a054fdd67..4cfa4259c 100644 --- a/compliance/frameworks/aws/aws_gxp_21_cfr_part_11/aws_gxp_21_cfr_part_11.yaml +++ b/compliance/frameworks/aws/aws_gxp_21_cfr_part_11/aws_gxp_21_cfr_part_11.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_gxp_eu_annex_11/aws_gxp_eu_annex_11.yaml b/compliance/frameworks/aws/aws_gxp_eu_annex_11/aws_gxp_eu_annex_11.yaml index 0ab6f53d6..50dcb4e6e 100644 --- a/compliance/frameworks/aws/aws_gxp_eu_annex_11/aws_gxp_eu_annex_11.yaml +++ b/compliance/frameworks/aws/aws_gxp_eu_annex_11/aws_gxp_eu_annex_11.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_hipaa_final_omnibus_security_rule_2013/aws_hipaa_final_omnibus_security_rule_2013.yaml b/compliance/frameworks/aws/aws_hipaa_final_omnibus_security_rule_2013/aws_hipaa_final_omnibus_security_rule_2013.yaml index cfba94f7b..becf4ac70 100644 --- a/compliance/frameworks/aws/aws_hipaa_final_omnibus_security_rule_2013/aws_hipaa_final_omnibus_security_rule_2013.yaml +++ b/compliance/frameworks/aws/aws_hipaa_final_omnibus_security_rule_2013/aws_hipaa_final_omnibus_security_rule_2013.yaml @@ -20,7 +20,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_hipaa_security_rule_2003/aws_hipaa_security_rule_2003.yaml b/compliance/frameworks/aws/aws_hipaa_security_rule_2003/aws_hipaa_security_rule_2003.yaml index 84ad8122f..1843648d5 100644 --- a/compliance/frameworks/aws/aws_hipaa_security_rule_2003/aws_hipaa_security_rule_2003.yaml +++ b/compliance/frameworks/aws/aws_hipaa_security_rule_2003/aws_hipaa_security_rule_2003.yaml @@ -20,7 +20,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_nist_800_171_rev_2/aws_nist_800_171_rev_2.yaml b/compliance/frameworks/aws/aws_nist_800_171_rev_2/aws_nist_800_171_rev_2.yaml index 5fdd33b28..aeabc2ecd 100644 --- a/compliance/frameworks/aws/aws_nist_800_171_rev_2/aws_nist_800_171_rev_2.yaml +++ b/compliance/frameworks/aws/aws_nist_800_171_rev_2/aws_nist_800_171_rev_2.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_nist_800_172/aws_nist_800_172.yaml b/compliance/frameworks/aws/aws_nist_800_172/aws_nist_800_172.yaml index b9ef37db6..5291000fd 100644 --- a/compliance/frameworks/aws/aws_nist_800_172/aws_nist_800_172.yaml +++ b/compliance/frameworks/aws/aws_nist_800_172/aws_nist_800_172.yaml @@ -4,7 +4,7 @@ framework: description: NIST Special Publication (SP) 800-172 provides federal agencies with a set of enhanced security requirements for protecting the confidentiality, integrity, and availability of controlled unclassified information (CUI) in nonfederal systems and organizations from the advanced persistent threat when the CUI is associated with a critical program or high value asset. section-code: aws_nist_800_172 defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_nist_800_53_rev_4/aws_nist_800_53_rev_4.yaml b/compliance/frameworks/aws/aws_nist_800_53_rev_4/aws_nist_800_53_rev_4.yaml index c7342f6f5..5d8623167 100644 --- a/compliance/frameworks/aws/aws_nist_800_53_rev_4/aws_nist_800_53_rev_4.yaml +++ b/compliance/frameworks/aws/aws_nist_800_53_rev_4/aws_nist_800_53_rev_4.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_nist_800_53_rev_5/aws_nist_800_53_rev_5.yaml b/compliance/frameworks/aws/aws_nist_800_53_rev_5/aws_nist_800_53_rev_5.yaml index 60ce4ba99..2cdde0dc9 100644 --- a/compliance/frameworks/aws/aws_nist_800_53_rev_5/aws_nist_800_53_rev_5.yaml +++ b/compliance/frameworks/aws/aws_nist_800_53_rev_5/aws_nist_800_53_rev_5.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_nist_csf.yaml b/compliance/frameworks/aws/aws_nist_csf.yaml index 2240cfc71..e5c03be3f 100644 --- a/compliance/frameworks/aws/aws_nist_csf.yaml +++ b/compliance/frameworks/aws/aws_nist_csf.yaml @@ -20,7 +20,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: true tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_pci_dss_v321/aws_pci_dss_v321.yaml b/compliance/frameworks/aws/aws_pci_dss_v321/aws_pci_dss_v321.yaml index 8292ea33d..4523dd382 100644 --- a/compliance/frameworks/aws/aws_pci_dss_v321/aws_pci_dss_v321.yaml +++ b/compliance/frameworks/aws/aws_pci_dss_v321/aws_pci_dss_v321.yaml @@ -4,7 +4,7 @@ framework: description: The Payment Card Industry Data Security Standard (PCI DSS) v3.2.1 is an information security standard for entities that store, process, and/or transmit cardholder data. section-code: aws_pci_dss_v321 defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_rbi_cyber_security/aws_rbi_cyber_security.yaml b/compliance/frameworks/aws/aws_rbi_cyber_security/aws_rbi_cyber_security.yaml index 996f75154..1100f0e05 100644 --- a/compliance/frameworks/aws/aws_rbi_cyber_security/aws_rbi_cyber_security.yaml +++ b/compliance/frameworks/aws/aws_rbi_cyber_security/aws_rbi_cyber_security.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_rbi_itf_nbfc/aws_rbi_itf_nbfc.yaml b/compliance/frameworks/aws/aws_rbi_itf_nbfc/aws_rbi_itf_nbfc.yaml index 4450321d6..3618d87f0 100644 --- a/compliance/frameworks/aws/aws_rbi_itf_nbfc/aws_rbi_itf_nbfc.yaml +++ b/compliance/frameworks/aws/aws_rbi_itf_nbfc/aws_rbi_itf_nbfc.yaml @@ -4,7 +4,7 @@ framework: description: The NBFC (Non-Banking Finance Company) sector has grown in size and complexity over the years. As the NBFC industry matures and achieves scale, its Information Technology /Information Security (IT/IS) framework, Business continuity planning (BCP), Disaster Recovery (DR) Management, IT audit, etc. must be benchmarked to best practices. section-code: aws_rbi_itf_nbfc defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_rego_test.yaml b/compliance/frameworks/aws/aws_rego_test.yaml index 673284591..1142c6a56 100644 --- a/compliance/frameworks/aws/aws_rego_test.yaml +++ b/compliance/frameworks/aws/aws_rego_test.yaml @@ -20,7 +20,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/aws/aws_soc_2.yaml b/compliance/frameworks/aws/aws_soc_2.yaml index ceebefa78..39c659325 100644 --- a/compliance/frameworks/aws/aws_soc_2.yaml +++ b/compliance/frameworks/aws/aws_soc_2.yaml @@ -20,7 +20,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_all_controls/azure_all_controls.yaml b/compliance/frameworks/azure/azure_all_controls/azure_all_controls.yaml index 74bc75d02..5f5a96656 100644 --- a/compliance/frameworks/azure/azure_all_controls/azure_all_controls.yaml +++ b/compliance/frameworks/azure/azure_all_controls/azure_all_controls.yaml @@ -4,7 +4,7 @@ framework: description: This benchmark contains all controls grouped by service to help you detect resource configurations that do not meet best practices. section-code: azure_all_controls defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_cis_v130/azure_cis_v130.yaml b/compliance/frameworks/azure/azure_cis_v130/azure_cis_v130.yaml index 7b9eb3aa8..e9520ba96 100644 --- a/compliance/frameworks/azure/azure_cis_v130/azure_cis_v130.yaml +++ b/compliance/frameworks/azure/azure_cis_v130/azure_cis_v130.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_cis_v140/azure_cis_v140.yaml b/compliance/frameworks/azure/azure_cis_v140/azure_cis_v140.yaml index 0c2fa4349..a66d1cd1e 100644 --- a/compliance/frameworks/azure/azure_cis_v140/azure_cis_v140.yaml +++ b/compliance/frameworks/azure/azure_cis_v140/azure_cis_v140.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_cis_v150/azure_cis_v150.yaml b/compliance/frameworks/azure/azure_cis_v150/azure_cis_v150.yaml index 9c42a28df..0353cdf86 100644 --- a/compliance/frameworks/azure/azure_cis_v150/azure_cis_v150.yaml +++ b/compliance/frameworks/azure/azure_cis_v150/azure_cis_v150.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_cis_v200/azure_cis_v200.yaml b/compliance/frameworks/azure/azure_cis_v200/azure_cis_v200.yaml index 637805ac3..bf0bccd71 100644 --- a/compliance/frameworks/azure/azure_cis_v200/azure_cis_v200.yaml +++ b/compliance/frameworks/azure/azure_cis_v200/azure_cis_v200.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_cis_v210/azure_cis_v210.yaml b/compliance/frameworks/azure/azure_cis_v210/azure_cis_v210.yaml index 8b58ed265..c47206805 100644 --- a/compliance/frameworks/azure/azure_cis_v210/azure_cis_v210.yaml +++ b/compliance/frameworks/azure/azure_cis_v210/azure_cis_v210.yaml @@ -4,7 +4,7 @@ framework: description: The CIS Microsoft Azure Foundations Security Benchmark provides prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. section-code: azure_cis_v210 defaults: - auto-assign: true + is-baseline: true enabled: true tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_fedramp_high/azure_fedramp_high.yaml b/compliance/frameworks/azure/azure_fedramp_high/azure_fedramp_high.yaml index 11210c16e..7e5d1fa1b 100644 --- a/compliance/frameworks/azure/azure_fedramp_high/azure_fedramp_high.yaml +++ b/compliance/frameworks/azure/azure_fedramp_high/azure_fedramp_high.yaml @@ -4,7 +4,7 @@ framework: description: The Federal Risk and Authorization Management Program (FedRAMP) is a U.S. Federal government program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. The FedRAMP program has helped to accelerate the adoption of secure cloud solutions through the reuse of assessments and authorizations across government agencies. FedRAMP leverages a standardized set of requirements, established in accordance with the Federal Information Security Management Act (FISMA), to improve consistency and confidence in the security of cloud solutions. Cloud Service Providers (CSP) that support U.S. government customers or operate on U.S. government information are responsible for complying with the requirements established by the FedRAMP program. In May 2020 the Salesforce Government Cloud Plus achieved a provisional Authority to Operate (ATO) at the high impact level issued by the FedRAMP Joint Authorization Board (JAB). section-code: azure_fedramp_high defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_hipaa_hitrust_v92/azure_hipaa_hitrust_v92.yaml b/compliance/frameworks/azure/azure_hipaa_hitrust_v92/azure_hipaa_hitrust_v92.yaml index 8410dcc92..86644883c 100644 --- a/compliance/frameworks/azure/azure_hipaa_hitrust_v92/azure_hipaa_hitrust_v92.yaml +++ b/compliance/frameworks/azure/azure_hipaa_hitrust_v92/azure_hipaa_hitrust_v92.yaml @@ -21,7 +21,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_msb/azure_msb.yaml b/compliance/frameworks/azure/azure_msb/azure_msb.yaml index 023b0dcbd..ddc520345 100644 --- a/compliance/frameworks/azure/azure_msb/azure_msb.yaml +++ b/compliance/frameworks/azure/azure_msb/azure_msb.yaml @@ -17,8 +17,8 @@ framework: type: - Benchmark defaults: - auto-assign: true - enabled: true + is-baseline: false + enabled: false tracks-drift-events: false control-group: - id: azure_cis_v200_2 diff --git a/compliance/frameworks/azure/azure_nist_sp_800_171_rev_2/azure_nist_sp_800_171_rev_2.yaml b/compliance/frameworks/azure/azure_nist_sp_800_171_rev_2/azure_nist_sp_800_171_rev_2.yaml index a10ed262d..3227262d1 100644 --- a/compliance/frameworks/azure/azure_nist_sp_800_171_rev_2/azure_nist_sp_800_171_rev_2.yaml +++ b/compliance/frameworks/azure/azure_nist_sp_800_171_rev_2/azure_nist_sp_800_171_rev_2.yaml @@ -4,7 +4,7 @@ framework: description: NIST SP 800-171 Revision 2 signifies a significant endeavor to enhance cybersecurity practices, specifically tailored for organizations engaging with the U.S. federal government. section-code: azure_nist_sp_800_171_rev_2 defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_nist_sp_800_53_rev_5/azure_nist_sp_800_53_rev_5.yaml b/compliance/frameworks/azure/azure_nist_sp_800_53_rev_5/azure_nist_sp_800_53_rev_5.yaml index e872c1252..3663b167a 100644 --- a/compliance/frameworks/azure/azure_nist_sp_800_53_rev_5/azure_nist_sp_800_53_rev_5.yaml +++ b/compliance/frameworks/azure/azure_nist_sp_800_53_rev_5/azure_nist_sp_800_53_rev_5.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_pci_dss_v321/azure_pci_dss_v321.yaml b/compliance/frameworks/azure/azure_pci_dss_v321/azure_pci_dss_v321.yaml index 4007c2e65..41d9efd4b 100644 --- a/compliance/frameworks/azure/azure_pci_dss_v321/azure_pci_dss_v321.yaml +++ b/compliance/frameworks/azure/azure_pci_dss_v321/azure_pci_dss_v321.yaml @@ -19,7 +19,7 @@ framework: type: - Benchmark defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/azure/azure_rbi_itf_nbfc_v2017/azure_rbi_itf_nbfc_v2017.yaml b/compliance/frameworks/azure/azure_rbi_itf_nbfc_v2017/azure_rbi_itf_nbfc_v2017.yaml index 421b6621b..2e8a18497 100644 --- a/compliance/frameworks/azure/azure_rbi_itf_nbfc_v2017/azure_rbi_itf_nbfc_v2017.yaml +++ b/compliance/frameworks/azure/azure_rbi_itf_nbfc_v2017/azure_rbi_itf_nbfc_v2017.yaml @@ -4,7 +4,7 @@ framework: description: Reserve Bank of India - IT Framework for NBFC Regulatory Compliance section-code: azure_rbi_itf_nbfc_v2017 defaults: - auto-assign: false + is-baseline: false enabled: false tracks-drift-events: false control-group: diff --git a/compliance/frameworks/baseline/efficiency.yaml b/compliance/frameworks/baseline/efficiency.yaml index 6db7f4ba4..2e78058f8 100644 --- a/compliance/frameworks/baseline/efficiency.yaml +++ b/compliance/frameworks/baseline/efficiency.yaml @@ -9,7 +9,7 @@ framework: type: - BASELINE defaults: - auto-assign: true + is-baseline: true enabled: true tracks-drift-events: false control-group: diff --git a/compliance/frameworks/baseline/reliability.yaml b/compliance/frameworks/baseline/reliability.yaml index 21ddf62c1..ff33cc113 100644 --- a/compliance/frameworks/baseline/reliability.yaml +++ b/compliance/frameworks/baseline/reliability.yaml @@ -9,7 +9,7 @@ framework: type: - Baseline defaults: - auto-assign: true + is-baseline: true enabled: true tracks-drift-events: false control-group: diff --git a/compliance/frameworks/baseline/security.yaml b/compliance/frameworks/baseline/security.yaml index 5bebe318d..f352a4dff 100644 --- a/compliance/frameworks/baseline/security.yaml +++ b/compliance/frameworks/baseline/security.yaml @@ -9,8 +9,8 @@ framework: type: - BASELINE defaults: - auto-assign: true - enabled: false + is-baseline: true + enabled: true tracks-drift-events: false control-group: - id: aws_baseline_security diff --git a/compliance/frameworks/baseline/supportability.yaml b/compliance/frameworks/baseline/supportability.yaml index b211e30b9..074ddd849 100644 --- a/compliance/frameworks/baseline/supportability.yaml +++ b/compliance/frameworks/baseline/supportability.yaml @@ -9,8 +9,8 @@ framework: type: - BASELINE defaults: - auto-assign: true - enabled: false + is-baseline: true + enabled: true tracks-drift-events: false control-group: - id: aws_baseline_supportability diff --git a/compliance/frameworks/baseline/target.yml b/compliance/frameworks/baseline/target.yml index 15b852c3e..54606960c 100644 --- a/compliance/frameworks/baseline/target.yml +++ b/compliance/frameworks/baseline/target.yml @@ -4,7 +4,7 @@ framework: description: "NIST Cybersecurity Framework is a set of best practices, standards, and recommendations that help an organization improve its cybersecurity measures." section-code: aws_nist_csf defaults: - auto-assign: false + is-baseline: false enabled: true tracks-drift-events: false tags: diff --git a/compliance/frameworks/tagging/tagging.yaml b/compliance/frameworks/tagging/tagging.yaml index 3c8e9c9a7..02bea9795 100755 --- a/compliance/frameworks/tagging/tagging.yaml +++ b/compliance/frameworks/tagging/tagging.yaml @@ -19,8 +19,8 @@ framework: type: - Benchmark defaults: - auto-assign: false - enabled: true + is-baseline: false + enabled: false tracks-drift-events: false control-group: - id: tagging_aws_tagging