Available predefined profiles
With the IBM Cloud® Security and Compliance Center, you can take advantage of predefined profiles that contain collections of controls that are curated based on industry standards. You can also create your own Assessment-based profiles.
Security and Compliance Center supports predefined profiles. Within each profile, you can review the controls that are required to be compliant. You can't modify or remove controls from a predefined profile. But, you can use a predefined profile as a base to create a new profile to choose only the controls and goals that are relevant for your business.
Then, if needed, you can update the default parameters that are associated with the goals within each predefined profile.
Updating predefined profiles
At times, Security and Compliance Center publishes new versions of IBM Cloud predefined profiles. Reasons for reversioning include:
-
to remove rules that are invalid or are no longer required to meet controls;
-
to add new rules and extend the compliance coverage of profiles;
-
to fix defective rules.
New attachments cannot be created on deprecated profile versions. Select the most recent version to use for your evaluation.
Available pre-defined profiles
The following profiles are available for you to use in Security and Compliance Center.
| Profile | Description | Environment | Release notes |
|---|---|---|---|
| AI ICT Guardrails | Ensure that your resource configurations meet the baseline requirements surrounding AI and generative AI workloads. | IBM Cloud |
|
| Amazon Web Services CIS Foundations Benchmark* | Validate that your resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | Amazon Web Services |
|
| Amazon Web Services CIS Kubernetes Service Benchmark* | Validate that your Kubernetes Service resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | Amazon Web Services |
|
| Caveonix Security Baselines for VMWare* | Validate that your VMWare resource configurations that run on IBM Cloud meet the baselines requirements that have been identified by Caveonix. | IBM Cloud |
|
| CIS Amazon Web Services Foundational Security Best Practices* | Validate that your resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | Amazon Web Services |
|
| CIS IBM Cloud Foundations Benchmark | Validate that your resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | IBM Cloud |
|
| CIS Amazon Web Services Well-architected Framework* | Validate that your resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | Amazon Web Services |
|
| CIS Microsoft Azure Foundations Benchmark* | Validate that your resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | Microsoft Azure |
|
| CIS Microsoft Azure Kubernetes Service Benchmark* | Validate that your Kubernetes Service resource configurations meet the baseline requirements that are identified by the Center for Internet Security. | Microsoft Azure |
|
| IBM Cloud Framework for Financial Services | IBM Cloud for Financial Services™ is an open platform that brings together independent software vendors (ISVs), Software as a Service (SaaS) providers,
and financial services institutions in a single ecosystem. In this secure cloud platform, you can rapidly develop and share innovative applications, APIs, data, and content to meet the unique business needs of your financial institution.
Through the IBM Cloud Framework for Financial Services, you can access a unified set of security and compliance controls, which was built specifically for and with the financial services industry. To address your evolving needs as a financial institution, IBM continuously validates these controls with global Councils of CSOs, CTOs, and CIOs from major banks, insurance providers, and regulatory advisors. The IBM Cloud for Financial Services profile provides you with a set of pre-configured automated goals that are mapped to the IBM Cloud Framework for Financial Services control requirements. The results of these tests help you validate compliance when you are using one of the references architectures for the IBM Cloud for Financial Services. |
IBM Cloud |
|
| IBM Cloud Kubernetes Service Benchmark | Validate that your Kubernetes Service resource configurations meet the baseline requirements that are identified by IBM Cloud. | IBM Cloud |
|
| IBM Cloud Red Hat OpenShift Kubernetes OCP4 | Validate that your Red Hat OpenShift Kubernetes Service resource configurations meet the baseline requirements that are identified by IBM Cloud. | IBM Cloud |
|
| C5:2020 | Validate that your resource configurations meet the baselines requirements that are identified in the Cloud Computing Compliance Controls Catalog by the Gernam Federal Office for Information Security. | IBM Cloud |
|
| ENS High | Validate that your resource configurations meet the baseline requirements that are identified in the National Security Scheme for Spanish agencies and organizations. | Multi-environment |
|
| ISMAP | Validate that your resource configurations meet the baseline requirements that are identified in the Japanese government program to assess the security of public cloud service providers (CSP). | IBM Cloud |
|
| NIST SP 800-53 | Validate that your resource configurations meet the baselines requirements that are identified by the National Institute of Standards and Technology | Multi-environment |
|
| PCI | Validate that your resource configurations meet the baseline requirements that are identified by the Payment Card Industry Data Security Standard. | Multi-environment |
|
| SOC 2 | Validate that your resource configurations meet the baselines requirements that are identified in the Service Organization Control reports issued by the American Institute of Certified Public Accountants. | IBM Cloud |
|
*Integration required