Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

AWS Penetration Testing

1

I was asked by a customer how often does AWS perform penetration testing as part of their compliance for SOC and ISO27001. I couldn't find this in the SOC compliance report. Can you share this information ?

Tópicos
Segurança, identidade e conformidade
Tags
Segurança, identidade e conformidade
Idioma
English
dannyb
feita há 3 meses167 visualizações
2 Respostas
2

Hi,

Did you check the reports available in https://aws.amazon.com/artifact/ ?

That's probably where you have the best chance to find this kind of information.

Best,

Didier

profile pictureAWS
ESPECIALISTA
Didier_Durand
respondido há 3 meses
profile picture
ESPECIALISTA
Gary Mclean
avaliado há 3 meses
1

I often get questions like this from customers: "How [often] does AWS do <insert thing here> to comply with <insert compliance program here>".

The answer is that we do those things in a way and as often as is required to be compliant with the program. There is no specific answer that we can provide to either the "how" or "how often" or even "what" question - that's up to use and our auditors to ensure that we are compliant.

The best place to find information about this is to look at the compliance program documentation - in there you'll find the answer to "how can you be compliant with this program" and that's what we do.

This sounds a bit evasive and isn't intended that way - but it's how organisations reach a state of compliance - by proving to their auditors that they have met the requirements of the program.

profile pictureAWS
ESPECIALISTA
Brettski-AWS
respondido há 3 meses

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante