SOX - Compliance - Cortex - Cortex

Compliance Dashboards and Reports

Product: Cortex
Creation date: 2023-11-22
Last date published: 2024-09-25
Category: Compliance

The Sarbanes-Oxley Act (SOX) is a law passed by the United States Congress in response to corporate financial scandals. Although the law mainly focuses on financial reporting and accountability, some requirements within the regulation mandate cybersecurity guidelines.

Link to SOX documentation: https://www.sec.gov/files/rules/proposed/s74002/card941503.pdf

Link to download SOX content pack: https://cortex.marketplace.pan.dev/marketplace/details/XSIAMCompliance_SOX/

| SOX | Widget Name | Description |
| --- | --- | --- |
| SOX Section 302: Access Control | Access Control | Implement policies and procedures to monitor access to systems. Use this widget to query login events. |
| SOX 302: Configuration Management | Policy/Config Management | Implement policies and procedures to monitor and maintain secure configurations. Use this widget to query host application versions. |
| SOX 302: Incident Response | Threat Protection/Incident Response | Implement policies and procedures to detect, respond to, and recover from security incidents. Use this widget to query incidents. |
| SOX Section 302.5.A - 302.5.B: Detect Security Breaches | Continuous Monitoring | Implement policies and procedures to assess, authorize, and monitor systems. Use this widget to query RDP and SMB access. |
| SOX 302: Audit and Accountability | Audit Controls | Implement policies and procedures to monitor, record, and review system activities. Use this widget to query Active Directory information. |
| SOX Section 302: Track Data Access | PII/PHI/Data Access | Implement policies and procedures to limit access to PII. Use this widget to query outbound requests. |

V1 required data source(s): XDM

V2 required data source(s): xdr_data, host_inventory, endpoints, incidents, pan_ngfw_traffic_raw

Requirements

This compliance pack pulls information from Cortex XSIAM that has been ingested and mapped to the following data sources. For the dashboards and reports to function properly, these sources must have ingested data.