Continuous compliance monitoring
Automated daily scanning of cloud resources in GCC 2.0 for compliance with the Singapore Government’s ICT&SS Management Policy (previously known as IM8).
Consolidated dashboard view
Offers a single dashboard to view the security posture of cloud deployments and compliance statuses of cloud resources, with statistical trends and key risk indicators to help guide remediation efforts.
Step-by-step remediation guides
Provides instructions on how to remediate non-compliant cloud resources in the cloud console, using the Command-Line Interface (CLI) or through Infrastructure-as-Code (IaC) snippets. In addition, an IaC scanning script leveraging Checkov is available for developers to include within their CI/CD pipeline to check if their Terraform code is compliant.
In-built workflows
Provides workflows for managing compliance-related tasks.
Comprehensive glossary
Provides a mapping of cloud security controls to the Singapore Government’s ICT&SS Management Policy for easy reference.
Last updated 29 September 2023
Thanks for letting us know that this page is useful for you!
If you've got a moment, please tell us what we did right so that we can do more of it.
Did this page help you? - No
Thanks for letting us know that this page still needs work to be done.
If you've got a moment, please tell us how we can make this page better.