Creating a compliance profile
Create a compliance profile to indicate the specific compliance catalogs and controls to assess when a compliance scan is uploaded.
A compliance profile represents a subset of controls from a compliance catalog. Each profile specifies a set of rules the scan uses to assess the overall compliance of your application environments. Profiles are used to assess your application components and environments in the context of its control baseline.
Instructions
Compliance profile is a subset of controls out of existing catalogs. The profile should adhere to the scan results uploaded. To create a compliance profile in Concert:
- Navigate to .
- Click Profiles.
- Click Create profile.
- Enter a name for the profile.
- Enter a description.
- Adjust the version number as needed.
- Click the drop down menu next to Select one or more catalogs and click to enable the check box(es) next to the relevant compliance catalog(s).
- Under Select controls, select the check box next to the name of the catalog to apply all controls within that catalog, or click to expand the catalog details to select individual controls to apply to this profile. As you select controls, they appear under Selected items.
- Click Create.
Based on the selected profile and scan results, Concert calculates a compliance score and determines the level of compliance: High, Medium, or Low. Refer to Uploading a compliance scan for details and instructions.