Compliance Reports

The REPORTS page in the Alert Logic console provides access to data related to exposures and incidents Alert Logic found within your deployments. You can also view data related to your product usage within your accounts. For information on all the available report groups, see Reports Guide.

The Compliance report group provides convenient access to analysis, statistics, and trending data related to compliance assessment status and audit preparedness from your subscribed products and services. Alert Logic provides Compliance reports within the following categories:

  • CIS Benchmarks—Provide assessments of how your environment conforms to configuration guidelines developed by security experts.
  • PCI DSS Audit—Provide available documentation and compliance artifacts that help you demonstrate compliance with requirements of the Payment Card Industry Data Security Standard (PCI DSS).
  • HIPAA-HITECH Security Audit—Provide documentation to help demonstrate compliance with requirements of the Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health (HITECH) security audit.
  • HITRUST CSF—Provide documentation to help demonstrate compliance with HITRUST Common Security Framework (CSF) control categories, as outlined in the HITRUST Risk Management Framework.
  • SOC 2 Audit—Provide documentation to help demonstrate compliance with the Trust Services Criteria controls established by the American Institute of Certified Public Accountants (AICPA).

To access the Compliance reports, in the Alert Logic console, click the menu icon, and then click Validate. Click Reports, and then click Compliance.

Each report allows you to share its data by email, or download the report as an image, data, crosstab, PDF, or PowerPoint file. To learn how to download reports, see Report Download Option.

You can also schedule a report to run periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. From the Downloads tab on the Reports page, you can download and manage reports generated from your schedules. For more information, see Scheduled Reports and Notifications.

Filtering reports

You can filter a report to refine its results and show only the information you need. Each report has a set of filters at the top, which you can select or clear. Within a filter, you can also add or remove some or all of its values.

By default, Alert Logic includes (All) filter values in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

CIS Benchmarks

You can run the following reports that provide information on assessments of how your environment conforms to Center for Internet Security (CIS) Foundations Benchmark:

  • CIS Amazon Web Services (AWS) Foundation Benchmark: Provides an assessment of how your environment conforms to configuration guidelines developed by CIS experts.
  • CIS Microsoft Azure Foundation Benchmark: Provides an assessment of how your environment conforms to configuration guidelines developed by CIS experts.

For more information about CIS Benchmarks, see the CIS Benchmarks FAQ.

PCI DSS Audit

You can run the following reports that demonstrate compliance with specific requirements of the Payment Card Industry Data Security Standard (PCI DSS):

  • PCI Requirement 6.6: Shows web application firewall (WAF) deployments, traffic, incidents, and attacks to help you demonstrate compliance with Requirement 6.6. To learn more about this report, see PCI Requirement 6.6.
  • PCI Requirement 10.2.2: Provides guidance for performing log searches that help you demonstrate compliance with Requirement 10.2.2. To learn more about this report, see PCI Requirement 10.2.2.
  • PCI Requirement 10.2.4: Provides guidance for performing log searches that help you demonstrate compliance with Requirement 10.2.4. To learn more about this report, see PCI Requirement 10.2.4.
  • PCI Requirement 10.2.5: Provides guidance for performing log searches that help you demonstrate compliance with Requirement 10.2.5. To learn more about this report, see PCI Requirement 10.2.5.
  • PCI Requirement 10.2.6: Describes, and provides access to, log searches in the Alert Logic console that help demonstrate compliance with Requirement 10.2.6. To learn more about this report, see PCI Requirement 10.2.6.
  • PCI Requirement 10.2.7: Provides guidance for performing log searches that help you demonstrate compliance with Requirement 10.2.7. To learn more about this report, see PCI Requirement 10.2.7.
  • PCI Requirement 10.5.1 Report: Shows a list of the current log management users, which helps you demonstrate compliance with Requirement 10.5.1. To learn more about this report, see PCI Requirement 10.5.1.
  • PCI Requirement 10.5.5 Report: Provides guidance for how to access File Integrity Monitoring features that help you demonstrate compliance with Requirement 10.5.5. To learn more about this report, see PCI Requirement 10.5.5.
  • PCI Requirement 10.6.1 Report: Shows Log Review incidents and Log Management incidents that help you demonstrate compliance with Requirement 10.6.1. To learn more about this report, see PCI Requirement 10.6.1.
  • PCI Requirement 10.7 Report: Provides guidance for performing log searches that help you demonstrate compliance with Requirement 10.7. To learn more about this report, see PCI Requirement 10.7.
  • PCI Requirement 10.8 Report: Provides guidance to demonstrate you have implemented a process for the timely detection and reporting of failures of critical security control systems, in compliance with Requirement 10.8. To learn more about this report, see PCI Requirement 10.8.
  • PCI Requirement 11.2.1 Report: Provides guidance to demonstrate that quarterly internal vulnerability scans are performed, that "high-risk" vulnerabilities are rescanned, and that scans are performed by qualified personnel, in compliance with Requirement 11.2.1. To learn more about this report, see PCI Requirement 11.2.1.
  • PCI Requirement 11.2.2 Report: Provides guidance to demonstrate that quarterly external vulnerability scans and rescans are performed, in compliance with Requirement 11.2.2. To learn more about this report, see PCI Requirement 11.2.2.
  • PCI Requirement 11.4: Shows Network IDS incidents and customer escalation contacts to help you demonstrate compliance with Requirement 11.4. To learn more about this report, see PCI Requirement 11.4.
  • PCI Requirement 11.5: Provides guidance on how to access File Integrity Monitoring features that help you demonstrate compliance with Requirement 11.5. To learn more about this report, see PCI Requirement 11.5.

HIPAA-HITECH Security Audit

You can run the following reports that demonstrate compliance with specific requirements of the HIPAA security audit:

  • HIPAA 164.308(a)(1)(ii)(B)—Risk Management: Provides information on security measures that reduce risk and vulnerabilities to a reasonable and appropriate level to help you demonstrate compliance with HIPAA 164.308(a)(1)(ii)(B). To learn more about this report, see HIPAA 164.308(a)(1)(ii)(B)—Risk Management.
  • HIPAA 164.308(a)(5)(ii)(B)—Protection from Malicious Software: Provides information on guarding against, detecting, and reporting malicious software to help you demonstrate compliance with HIPAA 164.308(a)(5)(ii)(B). To learn more about this report, see HIPAA 164.308(a)(5)(ii)(B)—Protection from Malicious Software.
  • HIPAA 164.308(a)(1)(ii)(D)—Information System Activity Review: Shows available documentation and compliance artifacts that help you demonstrate compliance with requirements of 164.308(a)(1)(ii)(D). To learn more about this report, see HIPAA 164.308(a)(1)(ii)(D)—Information System Activity Review.
  • HIPAA 164.308(a)(5)(ii)(C)—Login Monitoring: Shows available documentation and compliance artifacts that help you demonstrate compliance with requirements of HIPAA 164.308(a)(5)(ii)(C). To learn more about this report, see HIPAA 164.308(a)(5)(ii)(C)—Login Monitoring.
  • HIPAA 164.308(a)(6)(ii)—Response and Reporting: Shows available documentation and compliance artifacts that help you demonstrate compliance with requirements of HIPAA 164.308(a)(6)(ii). To learn more about this report, see HIPAA 164.308(a)(6)(ii)—Response and Reporting.
  • HIPAA 164.312(b)—Audit Controls: Provides information on the implemented software or procedural mechanisms that record and examine activity in information systems to help you demonstrate compliance with HIPAA 164.312(b). To learn more about this report, see HIPAA 164.312(b)—Audit Controls.

HITRUST CSF

You can run the following reports that demonstrate compliance with specific control categories of HITRUST CSF:

  • HITRUST CSF 01.0 Access Control: Describes how to use and access log searches and the list of users with access to security functions and access logs in the Alert Logic console that help demonstrate compliance with Control Category 01.0. To learn more about this report, see HITRUST CSF 01.0 Access Control.
  • HITRUST CSF 03.0 Risk Management: Describes how to use and access vulnerability, threat risk index, and threat response reporting features in the Alert Logic console that help demonstrate compliance with Control Category 03.0. To learn more about this report, see HITRUST CSF 03.0 Risk Management.
  • HITRUST CSF 06.0 Compliance: Provides guidance on how to access configuration features in the Alert Logic console that help you demonstrate compliance with Control Category 6.0. To learn more about this report, see HITRUST CSF 06.0 Compliance.
  • HITRUST CSF 09.0 Communications and Operations Management: Provides guidance on how to access configuration features in the Alert Logic console that help you demonstrate compliance with Control Category 09.0. To learn more about this report, see HITRUST CSF 09.0 Communications and Operations Management.
  • HITRUST CSF 10.0 Information Systems Acquisition, Development, and Maintenance: Describes how to access web application protection and vulnerability management features in the Alert Logic console that help demonstrate compliance with Control Category 10.0. To learn more about this report, see HITRUST CSF 10.0 Information Systems Acquisition, Development, and Maintenance.
  • HITRUST CSF 11.0 Information Security Incident Management: Describes how to access security event and incident reporting features in the Alert Logic console that help demonstrate compliance with Control Category 11.0. To learn more about this report, see HITRUST CSF 11.0 Information Security Incident Management.

SOC 2 Audit

You can run the following reports that demonstrate compliance with specific common criteria (CC) of SOC 2:

  • SOC 2 CC6.2 User Registration: Describes how to use and access log searches in the Alert Logic console that help demonstrate compliance with CC6.2. To learn more about this report, see SOC 2 Common Criteria 6.2 User Registration.
  • SOC 2 CC6.3 Access Modification and Removal: Describes how to use and access log searches and the list of users with access to security functions and access logs in the Alert Logic console that help demonstrate compliance with CC6.3. To learn more about this report, see SOC 2 Common Criteria 6.3 Access Modification and Removal.
  • SOC 2 CC6.6 Boundary Protection: Describes how to use and access threat detection, scanning, and web application protection features in the Alert Logic console that help demonstrate compliance with CC6.6. To learn more about this report, see SOC 2 Common Criteria 6.6 Boundary Protection.
  • SOC 2 CC6.8 Unauthorized and Malicious Code Protection: Describes how to access file integrity monitoring and endpoint protection features in the Alert Logic console that help you demonstrate compliance with CC6.8. To learn more about this report, see SOC 2 Common Criteria 6.8 Unauthorized and Malicious Code Protection.
  • SOC 2 CC7.1 Configuration and Vulnerability Management: Describes how to access file integrity monitoring, scan scheduling, and vulnerability reporting features in the Alert Logic console that help demonstrate compliance with CC7.1. To learn more about this report, see SOC 2 Common Criteria 7.1 Configuration and Vulnerability Management.
  • SOC 2 CC7.2 Security Event and Anomaly Detection: Describes how to access security event and threat response reporting features in the Alert Logic console that help demonstrate compliance with CC7.2. To learn more about this report, see SOC 2 Common Criteria 7.2 Security Event and Anomaly Detection.
  • SOC 2 CC7.3 Incident Detection and Response: Describes how to access security event and threat response reporting features in the Alert Logic console that help demonstrate compliance with CC7.3. To learn more about this report, see SOC 2 Common Criteria 7.3 Incident Detection and Response.
  • SOC 2 CC7.4 Incident Containment and Remediation: Describes how to access vulnerability and threat response reporting features in the Alert Logic console that help demonstrate compliance with CC7.4. To learn more about this report, see SOC 2 Common Criteria 7.4 Incident Containment and Remediation.