Open corydorning opened 2 years ago
just checking in to see if maybe this was on the roadmap. :D
Hi @corydorning thanks for your question! Compliance related features are being considered for the enterprise version of KICS (meaning, KICS running on Checkmarx's platform). Of course, any query added to cover the mentioned guidelines will be added to KICS open source, for general usage!
We'd love if you could use our Github Discussions panel for questions/suggestions like these. WDYT?
Our plan is to likely use the Enterprise version. Assuming that, is there an ETA on such compliance related features?
Sent from my iPhone
On May 11, 2022, at 4:40 AM, Nuno Oliveira @.***> wrote:
Hi @corydorning thanks for your question! Compliance related features are being considered for the enterprise version of KICS (meaning, KICS running on Checkmarx's platform). Of course, any query added to cover the mentioned guidelines will be added to KICS open source, for general usage!
We'd love if you could use our Github Discussions panel for questions/suggestions like these. WDYT?
— Reply to this email directly, view it on GitHub, or unsubscribe. You are receiving this because you were mentioned.
Would be nice if there was a way to configure queries based on the various compliance frameworks, such as the Cloud Security Alliance (CSA) CCM instead of just the Center for Internet Security (CIS) benchmark standards.
Something similar to what Prisma Cloud can do from a policy standpoint.