Compliance

Opencomply checks the compliance of assets, such as deployments, VMs, and Docker containers (or any asset discovered by the platform), by inspecting their configurations for adherence to specific rules.

Controls represent specific compliance requirements or best practices. Each Control references a Policy that contains the underlying technical logic for determining compliance.

Policies can be:

  • Embedded: Directly within the Control.

  • Referenced: As standalone entities, allowing for reuse across multiple Controls.

Control Groups organize related Controls within a Compliance Framework, acting as organizational units similar to folders. A Compliance Framework is a structured collection of Controls and metadata, where Control Groups may contain subgroups or individual Controls.

All Opencomply configurations, including Policies, Controls, Control Groups, and Frameworks, are defined using YAML.

Below is a visual representation of the Compliance Framework’s structure:

Framework
├── Control Group 1
│   ├── Control Group 1.1
│   │   ├── Control 1.1.1
│   │   ├── Control 1.1.2
│   │   └── ...
│   ├── Control 1.2
│   ├── Control 1.3
│   └── ...
├── Control Group 2
│   └── ...
└── Additional Control Groups
    ├── Control Group A
    ├── Control Group B
    └── ...

This hierarchy keeps related Controls together, makes a Framework easier to read through clear categorization, and simplifies compliance management.
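As an added illustration (not Opencomply's own code or schema), the Python below models the hierarchy above as the dict a YAML loader would return for one Framework file, walks the Control Groups depth-first, resolves each Control's Policy whether it is embedded or referenced, and reports a Control whose reference points at no known standalone Policy. The key names `groups`, `controls`, `policy` and `policy_ref`, the ids, and the placeholder check text are all assumptions made for this example, not Opencomply's actual YAML keys.

```python
"""Added example: resolve a hypothetical Framework -> Control Group -> Control tree.

The structure mirrors the hierarchy described above; the key names
(groups, controls, policy, policy_ref) and all ids are assumptions made for
this example, not Opencomply's actual YAML schema.
"""
from __future__ import annotations

from collections import Counter
from dataclasses import dataclass

# Constructed: standalone Policies, keyed by id, that Controls may reference.
# The "check" text is a placeholder standing in for the real technical logic.
STANDALONE_POLICIES = {
    "pol-no-public-storage": {"check": "<constructed placeholder>", "severity": "high"},
}

# Constructed: the dict that a YAML loader would return for one Framework file.
FRAMEWORK = {
    "id": "fw-example",
    "groups": [
        {
            "id": "cg-1",
            "groups": [
                {
                    "id": "cg-1.1",
                    "controls": [
                        # Referenced Policy: reused by id.
                        {"id": "c-1.1.1", "policy_ref": "pol-no-public-storage"},
                        # Embedded Policy: the logic lives inside the Control.
                        {"id": "c-1.1.2", "policy": {"check": "<constructed placeholder>", "severity": "medium"}},
                    ],
                },
            ],
            "controls": [
                {"id": "c-1.2", "policy_ref": "pol-no-public-storage"},
            ],
        },
        {
            "id": "cg-2",
            "controls": [
                # Dangling reference: no such standalone Policy exists.
                {"id": "c-2.1", "policy_ref": "pol-does-not-exist"},
            ],
        },
    ],
}


@dataclass(frozen=True)
class ResolvedControl:
    group_path: tuple[str, ...]  # Control Group ids from the Framework root
    control_id: str
    policy: dict                 # the technical logic, wherever it came from
    source: str                  # "embedded" or "referenced:<policy id>"


def resolve_framework(framework: dict, policies: dict) -> tuple[list[ResolvedControl], list[str]]:
    """Walk the tree depth-first and resolve each Control's Policy.

    Returns (resolved controls, errors). A Control is an error when it has
    no Policy, both an embedded and a referenced Policy, or a reference to
    an id that is not among the standalone Policies.
    """
    resolved: list[ResolvedControl] = []
    errors: list[str] = []

    def walk(node: dict, path: tuple[str, ...]) -> None:
        # Subgroups first, then the group's own Controls (matches the tree above).
        for group in node.get("groups", []):
            walk(group, path + (group["id"],))
        for control in node.get("controls", []):
            cid = control["id"]
            has_embedded = "policy" in control
            has_ref = "policy_ref" in control
            if has_embedded and has_ref:
                errors.append(f"{cid}: both embedded and referenced policy")
            elif has_embedded:
                resolved.append(ResolvedControl(path, cid, control["policy"], "embedded"))
            elif has_ref:
                ref = control["policy_ref"]
                if ref in policies:
                    resolved.append(ResolvedControl(path, cid, policies[ref], f"referenced:{ref}"))
                else:
                    errors.append(f"{cid}: unknown policy reference {ref!r}")
            else:
                errors.append(f"{cid}: no policy")

    walk(framework, ())
    return resolved, errors


def policy_reuse(resolved: list[ResolvedControl]) -> Counter[str]:
    """Count how many Controls share each referenced standalone Policy."""
    return Counter(r.source.split(":", 1)[1] for r in resolved if r.source.startswith("referenced:"))


if __name__ == "__main__":
    controls, problems = resolve_framework(FRAMEWORK, STANDALONE_POLICIES)
    for c in controls:
        print("/".join(c.group_path), c.control_id, c.source, c.policy["severity"])
    for p in problems:
        print("ERROR:", p)
    print("reuse:", dict(policy_reuse(controls)))
```

Running the block lists the three resolvable Controls with their group path and Policy source, flags `c-2.1` for its dangling reference, and shows that `pol-no-public-storage` is reused by two Controls, which is the point of keeping a Policy as a referenced entity rather than embedding it.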

With Opencomply, you can:

  • Define Policy as Code:

    Create reusable compliance checks in YAML, ensuring consistent governance within a Git-based workflow.

  • Audit for Compliance:

    Automate recurring checks or run them on-demand through the UI or API, capturing evidence and generating detailed reports. This approach provides flexibility and helps maintain consistent regulatory standards.

  • Govern Across Vendors:

    Evaluate compliance across clouds and platforms with flexible queries, achieving unified strategies without relying on vendor-specific security services.

Opencomply ships with default Compliance Frameworks, Controls, Queries, and Views, all version-controlled in our GitHub repository. To customize them, clone the repository, then go to Administration → Settings → Platform Configuration in the Opencomply UI to reference a different configuration source or adjust existing settings.
