Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

AWS Penetration Testing

1

I was asked by a customer how often does AWS perform penetration testing as part of their compliance for SOC and ISO27001. I couldn't find this in the SOC compliance report. Can you share this information ?

Argomenti
Sicurezza, identità e conformità
Tag
Sicurezza, identità e conformità
Lingua
English
dannyb
posta 4 mesi fa167 visualizzazioni
2 Risposte
2

Hi,

Did you check the reports available in https://aws.amazon.com/artifact/ ?

That's probably where you have the best chance to find this kind of information.

Best,

Didier

profile pictureAWS
ESPERTO
Didier_Durand
con risposta 4 mesi fa
profile picture
ESPERTO
Gary Mclean
verificato 4 mesi fa
1

I often get questions like this from customers: "How [often] does AWS do <insert thing here> to comply with <insert compliance program here>".

The answer is that we do those things in a way and as often as is required to be compliant with the program. There is no specific answer that we can provide to either the "how" or "how often" or even "what" question - that's up to use and our auditors to ensure that we are compliant.

The best place to find information about this is to look at the compliance program documentation - in there you'll find the answer to "how can you be compliant with this program" and that's what we do.

This sounds a bit evasive and isn't intended that way - but it's how organisations reach a state of compliance - by proving to their auditors that they have met the requirements of the program.

profile pictureAWS
ESPERTO
Brettski-AWS
con risposta 4 mesi fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente