Security controls in-place check for the implementation of a specific safeguard. If a certain control has not been implemented, appropriate notifications are provided in the platform’s UI to indicate the same, with relevant recommendations to remediate.
You can also choose to ignore the control implementation, thereby no longer seeing the notification in the UI as well as ensuring it does not affect your overall compliance readiness score.
In this example below, container logging was not implemented in the aptible-misc environment.
In such a scenario, you have two options:
Based on the remediation recommendations provided in the platform for a control that hasn’t been implemented, you could choose to follow the appropriate instructions to implement the control in question. Coming to the example provided above, the user with
write access to the aptible-misc environment can configure a log drain collecting and aggregating their container logs to a destination of choice. Doing this would be an acceptable implementation of the specific control, thereby remediating the issue of non-compliance.
You could also choose to ignore the control implementation based on your organization’s judgement for the specific resource in question. This would ignore the implementation of the specific control, which in the example above, was the aptible-misc environment. Doing so would no longer show you a warning in the UI indicating the control was not implemented, and would ensure it does not affect your compliance readiness score.
Control implementations you’ve ignored can be seen in the expanded view of each control. You can also unignore the control implementation if needed.
Updated over 1 year ago