Table of contents

Running A Proof Of Concept On Conformity

A proof of concept allows you to evaluate Conformity's capabilities and gives you the chance to evaluate Conformity at a deeper level. If you decide to run a POC on Cloud One Conformity, the following guidelines will increase the likelihood of success. They are divided into the following two sections and how we can assist you:

Entry Criteria

The Entry Criteria is a set of tasks that enable most of the functionality in the tool ensuring everything is in place to meet the Success Criteria.

  1. Applied for a Trial Account from https://cloudone.trendmicro.com/SignUp.screen
  2. Onboarded a cloud account

    Add An AWS Account

  3. Enabled Real-time monitoring

  4. Configured a Communications Channel

  5. Configured a basic Profile
  6. (Optional) Enabled Auto Remediate

Success Criteria

The following are pointers to success criterion you might consider to add to your own.

Visibility Use Cases

Do the rules cover critical use cases?

  • Can I increase the reliability of my workloads according to my own needs?
  • Can I increase the performance of my workloads?
  • Is access to resources and services configured according to my objectives (Access Control, Data Protection, Monitoring, etc)
  • Can I apply rule configurations to multiple accounts?
  • Can I generate reports based on Tags?

Remediation

Ensure Conformity can improve the configuration of your environments:

  • Automatically amend misconfiguration of resources
  • Provide automatic creation and closure of tickets
  • Facilitate manual remediation of findings:
  • Regular or ad-hoc findings report
  • Delegation via Email, tickets

Customization and Usability

Ensure Conformity can be configured to meet your own access, usability and configuration needs:

  • Adding custom rules and custom checks
  • Configure rules to match your risk appetite
  • Configure known exceptions to the rules
  • White-labeling reports

DevOps stories

Ensure Conformity can be integrated into your DevOps processes (CI/CD):

  • Provide early warning of misconfigurations in Infrastructure as Code, i.e. CloudFormation

Our assistance during your POC

During your POC we will provide the following assistance:

  • Regular meetings at your own cadence, i.e: track progress, review milestones
  • Technical assistance configuring the functionality in the Entry Criteria
  • Advise on using our Help Pages

The following functionality is not available during our free trial:

  • Access to the Conformity API
  • Configuration of SSO