Compliance Manager
The Compliance Manager feature provides you with an overview of the general compliance status of your organization’s endpoints relative to recognized standards. It offers access to a a list of individual control names, the sections they belong to, and the score assigned to each control. Additionally, it includes a feature for generating compliance reports with a single click. As a guideline, controls are procedures that an organization implements to ensure it adheres to applicable industry standards and regulations.
The product gives your company access to the following capabilities:
Streamlined compliance monitoring: Quickly identify areas of non-compliance and take corrective actions.
Efficient reporting: Generate comprehensive compliance reports with a single click, facilitating audits and internal reviews.
Customizable views: Tailor the Compliance Manager dashboard to focus on specific standards or controls relevant to your organization.
Start exploring the Compliance Manager
The Compliance Manager does not provide a trial version. Instead, companies with Risk Management as part of their license also have access to the Compliance Manager, which includes data and reporting functionality for the basic standard Bitdefender Cyber Hygiene Baseline for Windows, at no extra cost.
However, to access and download reports for advanced standards, such as CIS, GDPR, DORA, and SOC 2, a Compliance Manager add-on license is required.
To start exploring the benefits of the Compliance Manager, follow the steps below:
Log in to GravityZone with your administrator account.
Under the Risk management section in the main menu, go to the Compliance manager page.
Use the options on the page to learn about the compliance posture of your company.
You will notice that you only have access to the Cyber Hygiene - Windows base standard, with limited information. All advanced standards are locked
If necessary, run a Risk scan on the Risk management > Findings page for the latest compliance data in your network.
Depending on the license you use, you can learn more about the full Compliance Manager experience and obtain the Compliance Manager add-on as follows:
If you are using a GravityZone yearly license, click the
button on the upper right side of the console to access the Products hub page.Read the available materials and click the Contact us button to talk with a Bitdefender representative.
If you are using a GravityZone license with monthly subscription, contact your partner or access the Bitdefender website and read about the Compliance Manager.
Using the feature
To start using this feature, go to the Compliance manager page under the Risk management section of the GravityZone Control Center main menu.
You can assess the compliance posture of your company by using the following options:
The Smart views panel toggle button. This feature allows you to customize, save, and switch between different configurations of the Compliance page.
The panel has the following sections:
Search views - Use this search field to filter out the views displayed in the sections below, by name.
Saved - This section displays a list of all your saved views that have not been marked as favorites.
Favorites - All views marked as favorites are displayed under this section.
Defaults - This section displays the views that are available by default:
Compliance posture
For any view in the Saved or Favorites category, you can click the vertical ellipses
to Rename or Delete the view.The View options menu. This section provides you with multiple functions for working with views:
Save - Save changes you make to a saved view.
Save as - Save a modified view under a different name.
Discard changes - Revert the saved view to its original state.
Add to favorites - Add the view to the Favorites category.
Show or hide filters - Hide or display the filters menu.
Open settings - Display the Settings panel.
You can use this panel to customize what columns are displayed in the view and enable or disable the Compact view.
The Compliance overview. This section displays four key values that provide an immediate summary of your organization's compliance status in relation to the currently selected compliance standard. These values include:
Overall compliance - Displays what percentage of the total number of verified checks have been found to be compliant.
Compliant checks - Shows the total number of checks that have been verified and confirmed to meet compliance requirements.
Non-compliant checks - Indicates the total number of checks that have been verified but found not compliant.
Ignored checks - Lists the total number of checks that have been manually flagged by the organization as exempt from risk score and compliance score calculation.
Note
This information is based on the settings configured in the Filters section and is compiled using Cyber Hygiene - Windows base standard.
Information restricted due to the selected standard being unavailable with your current GravityZone license is marked with a triple asterisk (***).
The Download report button. Clicking the button will display a confirmation window, where you can select the compliance standard for which you want to display data for and the format in which you want to generate the report:
Supported formats:
PDFandXLSX.The Filters section. You can use these options to customize the risks that are displayed in the below grid and in the Compliance overview section. The following filters are currently available:
Filter name
Description
Compliance standard
Select the compliance standard for which you want to display data.
By default, the only available standard is Cyber Hygiene - Windows. Standards that unavailable with your current GravityZone license are marked with a lock icon.
Score
Select a score range between 1 and 100.
Only controls with a risk score between these values are displayed.
The Compliance grid. This section displays a list of all checks found under the compliance standard selected in the Filters section. The information available for each compliance is displayed under these columns:
Control name - The name of the compliance control.
Control ID - The ID of the compliance control.
Section name - The name of the section in the compliance standard where the control can be found.
Section ID - The name of the section in the compliance standard where the control can be found.
Score - The compliance score of the control.
Note
Running a new Risk Scan on the company's endpoints may change existing score values.
Compliant - Indicates how many checks have been identified as compliant under the scope of the selected control.
Note
Clicking on any line in the grid displays the Additional information side panel for the control displayed on that line.
For details about how to use this feature, refer to extended documentation for Compliance Manager.
More in-depth use of Compliance Manager
As a partner, you can monitor the Compliance Manager add-on usage of your customers with monthly subscription with the help of the Simplified Monthly License Usage and full Monthly License Usage reports. You can generate these reports in the Reports section of the GravityZone Control Center menu. For more details, refer to ???.
You can also automate business workflows using the GravityZone public API. Data related to Compliance Manager is available with the following methods:
createCompanyunder Companies APIgetLicenseInfo,setMonthlySubscription,getMonthlyUsage, andgetMonthlyUsagePerProductTypeunder Licensing APIgetNetworkInventoryItemsunder Network API