With customers like Rapyd, Coralogix, and ReasonLabs already benefiting from compliance visibility, ControlMonkey is raising the bar for proactive cloud governance.
For teams managing their Terraform, OpenTofu, or Terragrunt environments, compliance is often a moving target. The new Cloud Compliance Dashboard in ControlMonkey delivers a unified, drill-down view into your compliance posture across AWS, Azure, and GCP helping you identify gaps before they turn into risks.
Introducing Cloud Compliance Dashboarding
The Compliance Dashboard gives DevOps and Cloud managers the ability to select relevant standards, track consolidated scores, and drill down into failed controls and resources.
Supported frameworks include:
- CIS Benchmarks (2.0, 2.1, 3.0)
- PCI DSS 4.0
- HIPAA Security Rule
- MITRE ATT&CK
- ENS_RD2022 (Spanish National Security Framework)
- DORA Regulation
- And more – Full List below
Teams can move from high-level compliance scores down to specific failed checks, pinpoint which resources triggered non-compliance (for example, an exposed EC2 instance), and shift compliance from reactive audits to proactive prevention.
Stay Ahead with Cloud Governance and Infrastructure Control
The dashboard provides decision-makers with measurable clarity. I Teams can continuously check compliance instead of just reacting to audit findings. They can enforce IaC policies on a large scale and strengthen infrastructure pipelines. This means:
- Improved visibility into your compliance score
- Reduced risk with drill-down checks at the resource level
- IaC alignment through proactive enforcement
- Scalable governance across multi-cloud environments
“When teams gain full visibility and proactive compliance controls, they stop reacting to problems and start preventing them. That’s how you consistently raise your compliance score.” said Ori Yemini, CTO, ControlMonkey
Customer Perspectives
2 of Control monkey customers already enjoying full IaC coverage visibility:
More IaC coverage means fewer security issues — period. What stood out with ControlMonkey was how easy it became to do things the right, modern way. When infrastructure and security teams can finally collaborate by design, that’s when security actually works
As a company that manages huge clusters of AWS resources, the ControlMonkey Platform and specifically its GitOps pipeline capabilities is an integral part of our infrastructure deployment process, enabling us to shift left our infrastructure policies, best practices, and guardrails to make sure our production environment is stable, compliant and secure
See it for yourself
Join our next Product Showdown to experience the Cloud Compliance Dashboard in action.
Supported Frameworks include:
Find below full list of framework support by cloud provider:
AWS
- CISA
- SOC 2
- CIS Benchmarks (1.4, 1.5, 2.0, 3.0, 4.0.1, 5.0)
- MITRE ATT&CK
- GDPR
- AWS Foundational Security Best Practices
- ISO/IEC 27001:2013 & 2022
- KISA ISMS-P 2023 (incl. Korean version)
- HIPAA Security Rule
- GxP 21 CFR Part 11
- GxP EU Annex 11
- NIST 800-171 Rev 2
- NIST 800-53 Rev 4 & Rev 5
- PCI DSS 4.0 & PCI DSS 3.2.1
- AWS Well-Architected Framework (Security & Reliability Pillars)
- AWS Account Security Onboarding
- AWS Foundational Technical Review
- AWS Audit Manager Control Tower Guardrails
- NIST Cybersecurity Framework (CSF) 1.1
- ENS_RD2022
- RBI Cyber Security Framework
- FFIEC Cybersecurity Assessment
- FedRAMP (Low & Moderate, Rev 4)
- NIS2 Directive
Azure
- PCI DSS 4.0
- SOC 2
- ISO/IEC 27001:2022
- CIS Benchmarks (2.0, 2.1, 3.0, 4.0)
- ENS_RD2022
- MITRE ATT&CK
- NIS2 Directive
GCP
- MITRE ATT&CK
- SOC 2
- CIS Benchmarks (2.0, 3.0, 4.0)
- ENS_RD2022
- PCI DSS 4.0
- ISO/IEC 27001:2022
- NIS2 Directive
Author
