Today we are super excited to announce the latest capability we added to our Terraform CI/CD solution, which is an absolute game-changer for compliance enforcement, ‘Proactive Compliance Packages’.
ControlMonkey Terraform CI/CD solution enables DevOps teams to enforce compliance and security policies proactively during the infrastructure CI/CD, and therefore prevent issues and misconfigurations in production.
So starting today, we are offering our users to enforce compliance standards such as PCI-DSS and CIS-AWS V1.4 on any Terraform pull request, and ControlMonkey will validate the resources configuration, as part of the infrastructure CI/CD.
DevOps teams no longer need to manually configure policies that represent the compliance standard their organization is obligated to, they can enforce that standard on any configuration change, in a few clicks.
By doing that, you’re actually preventing any non-compliant resources from reaching your production environment!
This capability enables DevOps teams to easily enforce the required Compliance standard proactively, rather than responding to non-compliant resources in production, and risk getting penalized for compliance violations.
Companies usually run compliance validations in a detective way, after the resources are deployed to production, using tools like AWS Security Hub.
‘Proactive Compliance Packages’ are comprised of ControlMonkey’s Managed Policies, built-in policies that are managed and constantly maintained by our engineering team.
If you are required to be PCI-DSS compliant, you can validate every resource’s compliance proactively, out of the box, with zero effort.
On top of that, users have enhanced customization and can enforce compliance using various enforcement levels and apply them to specific stacks or namespaces.
Shift left your infrastructure compliance, keep your environment in ‘Always-Compliant’ mode, and avoid paying unnecessary penalties.