Standards Catalog - Review the list of built-in and custom compliance standards to monitor and audit your organization’s performance. - Administrator Guide - Cortex CLOUD

Cortex Cloud Runtime Security Documentation
Product
Cortex Cloud Application Security > Cortex CLOUD
License
Cloud Runtime Security
Creation date
2024-12-24
Last date published
2026-06-10
Category
Administrator Guide
Abstract

Review the list of built-in and custom compliance standards to monitor and audit your organization’s performance.

The Standards Catalog page displays cards of the available standards and their details, including:

  • Standard name

  • Type - System (built-in) or Custom

  • Release date

  • Description

  • Clickable links to associated controls, assessment profiles, and labels

standards_catalog.png
Table 6. Standards Catalog

Compliance Standard

Version

Australian Cyber Security Centre (ACSC) Essential Eight

Australian Cyber Security Centre (ACSC) Essential Eight - Level 1

Level 1

Australian Cyber Security Centre (ACSC) Essential Eight - Level 2

Level 2

Australian Cyber Security Centre (ACSC) Essential Eight - Level 3

Level 3

Australian Cyber Security Centre's (ACSC) Information Security Manual (ISM)

Australian Cyber Security Centre's (ACSC) Information Security Manual (ISM) Latest

Australian Energy Sector Cyber Security Framework (AESCSF)

1

Australian Energy Sector Cyber Security Framework (AESCSF) v2

2

Australian Energy Sector Cyber Security Framework (AESCSF) v2 - Lite Framework

2

Australian Prudential Regulation Authority (APRA) - CPS 234 Information Security

AWS Foundational Security Best Practices standard

1.2.0

AWS Well-Architected Framework

Azure Security Benchmark (v3)

3

Brazilian Data Protection Law (LGPD)

California Consumer Privacy Act (CCPA)

2018

CIS Amazon Elastic Kubernetes Service (EKS) Benchmark

1.4

CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.7.0

1.7.0

CIS Amazon Linux 2 Benchmark

1.0.0

CIS Amazon Linux 2 STIG Benchmark

2.0.0

CIS Amazon Web Services Foundations Benchmark v3.0.0 - Level 1

3.0.0

CIS Amazon Web Services Foundations Benchmark v3.0.0 - Level 2

3.0.0

CIS Amazon Web Services Foundations Benchmark v4.0.0 - Level 1

4.0.0

CIS Amazon Web Services Foundations Benchmark v4.0.0 - Level 2

4.0.0

CIS Amazon Web Services Foundations Benchmark v5.0.0 - Level 1

5.0.0

CIS Amazon Web Services Foundations Benchmark v5.0.0 - Level 2

5.0.0

CIS Amazon Web Services Foundations Benchmark v6.0.0 - Level 1

6.0.0

CIS Amazon Web Services Foundations Benchmark v6.0.0 - Level 2

6.0.0

CIS AWS Storage Services Benchmark

1.0.0

CIS Azure Kubernetes Service (AKS) Benchmark

1.5

CIS Azure Kubernetes Service (AKS) Benchmark v1.8.0

1.8.0

CIS Critical Security Controls v8

8

CIS Critical Security Controls v8.1

8.1

CIS Distribution Independent Linux

2.0.0

CIS Docker Benchmark

1.7.0

CIS GitHub Benchmark

1.0.0

CIS GitLab Benchmark

1.0.1

CIS Google Cloud Platform Foundation Benchmark v3.0.0 - Level 1

3.0.0

CIS Google Cloud Platform Foundation Benchmark v3.0.0 - Level 2

3.0.0

CIS Google Cloud Platform Foundation Benchmark v4.0.0 - Level 1

4.0.0

CIS Google Cloud Platform Foundation Benchmark v4.0.0 - Level 2

4.0.0

CIS Google Kubernetes Engine (GKE) Benchmark

1.6

CIS Google Kubernetes Engine (GKE) Benchmark v1.8.0

1.8.0

CIS Kubernetes Benchmark

1.11.0

CIS Microsoft Azure Foundations Benchmark v3.0.0 - Level 1

3.0.0

CIS Microsoft Azure Foundations Benchmark v3.0.0 Level 2

3.0.0

CIS Microsoft Azure Foundations Benchmark v4.0.0 - Level 1

4.0.0

CIS Microsoft Azure Foundations Benchmark v4.0.0 - Level 2

4.0.0

CIS Microsoft Azure Foundations Benchmark v5.0.0 - Level 1

5.0.0

CIS Microsoft Azure Foundations Benchmark v5.0.0 - Level 2

5.0.0

CIS Microsoft Azure Storage Services Benchmark

1.0.0

CIS Microsoft Windows 11 Enterprise Benchmark

4.0.0

CIS Microsoft Windows Server 2016 Benchmark

3.0.0

CIS Microsoft Windows Server 2019 Benchmark

3.0.1

CIS Microsoft Windows Server 2022 Benchmark

3.0.0

CIS Oracle Cloud Infrastructure Foundations Benchmark v.2.0.0 - Level 1

2.0.0

CIS Oracle Cloud Infrastructure Foundations Benchmark v.2.0.0 - Level 2

2.0.0

CIS Oracle Cloud Infrastructure Foundations Benchmark v.3.0.0 - Level 1

3.0.0

CIS Oracle Cloud Infrastructure Foundations Benchmark v.3.0.0 - Level 2

3.0.0

CIS Red Hat OpenShift Container Platform

1.7.0

Cloud Security Assurance Program (CSAP) - IaaS

IaaS

Cloud Security Assurance Program (CSAP) - Low

Low

Cloud Security Assurance Program (CSAP) - Low SaaS

Low SaaS

Cloud Security Assurance Program (CSAP) - SaaS Simplified

SaaS Simplified

Cloud Security Assurance Program (CSAP) - SaaS Standard

SaaS Standard

CSA Cloud Controls Matrix (CCM)

4.0.12

CSA Cloud Controls Matrix (CCM) v4.0.6

4.0.6

Cyber Risk Institute (CRI) Profile v1.2.1

1.2.1

Cyber Risk Institute (CRI) Profile

2

Cyber Risk Institute (CRI) Profile

2.1

CyberSecurity Law of the People's Republic of China

Cybersecurity Maturity Model Certification (CMMC)

1.02

Cybersecurity Maturity Model Certification (CMMC) Level 1

2

Cybersecurity Maturity Model Certification (CMMC) Level 2

2

Digital Operational Resilience Act (DORA)

EU AI Act

Federal Financial Institutions Examination Council (FFIEC)

FedRamp (High)

Fedramp (Low)

Low

Fedramp (Moderate)

Moderate

Framework for Adoption of Cloud Services by SEBI Regulated Entities (REs)

General Data Protection Regulation (GDPR)

Health Insurance Portability and Accountability Act (HIPAA)

HITRUST CSF

11.2.0

HITRUST CSF

11.7.0

HITRUST CSF v9.6.0

9.6.0

Information Technology Security Guidance (ITSG-33)

Insurance Regulatory And Development Authority Of India

1

ISO/IEC 27001:2022

2022

ISO/IEC 27002:2022

2022

ISO/IEC 27017:2015

2015

ISO/IEC 27018:2019

2019

ISO/IEC 42001:2023

2023

Korea – Information Security Management System (ISMS)

Korea – Information Security Management System (ISMS) For Finance

-

MAS Technology Risk Management (TRM)

2021

Microsoft Cloud Security Benchmark

1

MITRE ATT&CK Cloud IaaS for Enterprise

15.1

Motion Picture Association (MPA) Content Protection Best Practices

4.08

Multi-Level Protection Scheme (MLPS) v2.0 - Level 1

2

Multi-Level Protection Scheme (MLPS) v2.0 - Level 2

2

Multi-Level Protection Scheme (MLPS) v2.0 - Level 3

2

NCSC - Cloud Security Principles

2.1

NCSC - Cyber Essentials

3.1

NEW YORK STATE DEPARTMENT OF FINANCIAL SERVICES (NYDFS) 23 CRR-NY 500.0

New Zealand Information Security Manual (NZISM)

3.4

New Zealand Information Security Manual (NZISM)

3.9

NIST AI 600-1

NIST SP 800-172

NIST Cybersecurity Framework (CSF)

2

NIST Cybersecurity Framework (CSF) v1.1

1.1

NIST SP 800-171 Rev. 2

Rev 2

NIST SP 800-171 Rev. 3

Rev 3

NIST SP 800-53 Rev. 5

Rev 5

Otoritas Jasa Keuangan (OJK)

38/POJK.03/2016

OWASP Top 10 for Agentic Applications

2026

OWASP TOP 10 CI/CD Security Risks

2025

OWASP Top 10 for LLM Applications 2025

PCI DSS v4.0.1

4.0.1

Personal Information Protection and Electronic Documents Act (PIPEDA)

RBI Baseline Cyber Security and Resilience Requirements

Risk Management in Technology (RMiT)

Sarbanes Oxley Act (SOX)

SEBI - Consolidated Cybersecurity and Cyber Resilience Framework (CSCRF)

Secure Controls Framework (SCF)

2024.2

Secure Controls Framework (SCF) v2022.2.1

2022.2.1

SOC 2

Telecommunications Security Act (TSA)

Texas Risk and Authorization Management Program (TX-RAMP) - Level 1

Level 1

Texas Risk and Authorization Management Program (TX-RAMP) - Level 2

Level 2

The Digital Personal Data Protection Act 2023

Trusted Information Security Assessment Exchange (TISAX)

6