Skip to main content

Cloud Compliance

Cloud Compliance is the framework-based cloud scanning surface in Cloudgeni. Use it when you want a control or requirement view of live cloud posture rather than raw provider findings or repository-only scan output.

Where It Lives

In the app, use Compliance -> Cloud Compliance. Programmatically, the backing scan flow is the cloud infra scan API with the prowler-ocsf analysis engine.

What You Need First

  • An active cloud integration
  • Enough read access to inventory the account meaningfully
Git is not required to view framework findings, but it becomes important once you want to remediate through repository changes.

What The View Gives You

The current implementation is built around:
  • Cloud account selection
  • Framework selection
  • Requirement-oriented findings
  • Search and filtering
  • Severity summaries
  • PDF export
That makes it a better fit for posture review and audit preparation than the cloud monitor view.

What It Is Not

Cloud Compliance helps you map findings to frameworks. It does not issue certification or attestation on its own. Treat it as an operational evidence and prioritization surface.

Framework Coverage

Framework availability varies by provider. Use Compliance Frameworks for the provider-to-framework view that matches the current code.

Compliance Frameworks

See which frameworks are actively wired for which providers.

Cloud Monitors

Use native provider findings when you want raw AWS Security Hub or Azure Defender signals.