Compliance
The Compliance module in Sysdig Secure is comprised of a validator tool that checks selected controls from various compliance standards, and the reports it compiles. New standards are being added regularly. At this time, checks are provided against specific controls in:
PCI 3.2
SOC2
NIST 800-53 rev4 and NIST 800-53 rev5
The validator checks many Sysdig Secure features, including: image scanning policies, Falco runtime policies and rules, scheduled benchmark testing, Admission Controller, Network Security Policies, Node Image Analyzer, and more. Over time we will add new compliance coverage.
Disclaimer: Sysdig cannot check all controls within a framework, such as those related to physical security.
Note
The Benchmarks module, formerly listed in the left-hand navigation bar, is now a subset of Compliance.
Use Compliance Reports
Access the Compliance Module
Sysdig Secure admin: Enable the feature under
Settings > Sysdig Labs
.Click the
Compliance
icon in the left-hand navigation.
Review a Report
Each of the standards controls is checked when you visit the Compliance page and it always shows the current state in your environment.

Compliance Report Summary
The top section of the page presents the compliance report summary, with the Pass|Fail summary data.
Pass %: Total percentage of all available checks that have passed
Passed: Total number of controls implemented that Sysdig was able to validate
Failed: Total number of controls not implemented that Sysdig was able to validate
Unchecked: Total number of controls that Sysdig configured to check but unable to validate (i.e. unavailable API at the time of validation)
Total Controls: Total number of controls Sysdig is configured to check
Control Report and Common Fixes
The controls are grouped together under collapsable sections of “control families."

Open them to see each control description with a link to either the:
Proof: Link to the implemented Sysdig feature that permitted the control to pass, or the
Remediation: Link to the Sysdig feature that must be implemented to pass a check within the control
The Rationale is the reason an implemented Sysdig feature will pass a check within the control.
The Common Fixes section on the left consolidates the links for enabling Sysdig features in order to pass the control checks.
Control Details
PCI Controls Implemented
The PCI Quick Reference describes the full range of controls required to pass a PCI 3.2 audit. In this release, Sysdig Secure will check the following subset:
1.1.2,1.1.3, 1.1.6., 2.2, 2.2.1, 2.2.2, 2.2.a, 2.4 , 2.6, 4.1, 6.1, 6.2, 6.4.2, 6.5.1, 6.5.6, 6.5.8, 7.1.2, 7.2.3, 10.1, 10.2, 10.2.1, 10.2.2, 10.2.3, 10.2.6, 10.2.7, 10.3, 10.5.5, 10.6.1, 11.4, 11.5.a, 11.5.b
SOC2 Controls Implemented
The American Institute of CPAs (AICPA) describes the full range of controls required to pass a SOC 2 audit. In this release, Sysdig Secure will check the following subset:
CC3.2, CC5.1, CC5.2, CC6.1, CC6.2, CC6.6, CC6.8, CC7.1, CC7.2, CC7.5, CC8.1, CC9.1
NIST 800-53 rev4 and rev5 Controls Implemented
The National Institute of Standards and Technology (NIST) Special Publication 800-53 revision 4 describes the full range of controls required to pass a NIST 800-53 audit. In this release, Sysdig Secure will check the following subset:
AC-2, AC-2(4), AC-2(12), AC-3, AC-4, AC-4(17), AC-6, AC-6(1), AC-6(2), AC-6(3), AC-6(5), AC-6(6), AC-6(9), AC-6(10), AC-14, AC-17, AC-17(1), AC-17(3), AC-17(4), AU-2, AU-6, AU-6(8), AU-10, AU-12, CA-9, CM-3, CM-3(6), CM-5, CM-7, CM-7(1), CM-7(4), IA-3, SA-10, SA-15(10), SC-2, SC-4, SC-7, SC-7(3), SC-7(10), SC-8, SC-8(1), SC-12(3), SC-17, SC-39, SI-3, SI-3(1), SI-3(2), SI-4, SI-4(2), SI-4(4), SI-4(11), SI-4(13), SI-4(18), SI-4(20), SI-4(22), SI-4(23), SI-4(24), SI-7, SI-7(3), SI-7(9), SI-7(11), SI-7(12), SI-7(13), SI-7(14), SI-7(15)
Special Publication 800-53 revision 5 was published in September 2020 and includes some modifications. For 12 months both revisions will be valid, and revision 4 will be deprecated in September 2021. In this release, Sysdig Secure will check the following subset of NIST 800-53 rev5:
AC-2, AC-2(4), AC-2(12), AC-3, AC-4, AC-4(17), AC-6, AC-6(1), AC-6(2), AC-6(3), AC-6(5), AC-6(6), AC-6(9), AC-6(10), AC-14, AC-17, AC-17(1), AC-17(3), AC-17(4), AC-17(10), AU-2, AU-6, AU-6(8), AU-10, AU-12, CA-3(6), CA-7(4), CA-7(5), CA-9, CM-3, CM-3(6), CM-3(7), CM-3(8), CM-4, CM-4(2), CM-5, CM-5(1), CM-7, CM-7(1), CM-7(4), CM-7(6), CM-7(7), CM-7(8), CM-8, CM-11(3), IA-3, MA-3(5), MA-3(6), PM-5(1), RA-3(4), RA-10, SA-10, SA-15(10), SA-23, SC-2, SC-4, SC-7, SC-7(3), SC-7(10), SC-7(25), SC-7(26), SC-7(27), SC-7(28), SC-7(29), SC-8, SC-8(1), SC-12(3), SC-17, SC-39, SC-50, SI-3, SI-4, SI-4(2), SI-4(4), SI-4(11), SI-4(13), SI-4(18), SI-4(20), SI-4(22), SI-4(23), SI-4(24), SI-4(25), SI-7, SI-7(3), SI-7(9), SI-7(12), SI-7(15)