Learn the process of automatically testing your controls with Microsoft Defender for Cloud
The process of continuous control monitoring (CCM) involves continuously testing technical controls to validate if they are functioning in alignment with your organization’s security and compliance requirements. 6clicks can automate this process by harnessing surveillance features and real-time alerts from Microsoft Defender for Cloud, which provides end-to-end protection for cloud-native applications.
Key features of 6clicks’ CCM include:
- Automated control tests – Conduct automated control tests and get instant alerts for control failures, configuration errors, or security incidents. With automatic documentation of test results, users can streamline evidence collection and facilitate proactive remediation of issues.
- Manual control tests – 6clicks equips users with hybrid control testing functionality, allowing you to perform both automated and manual control tests. Verify compliance and ensure that control tasks are being performed through responsibilities and corresponding documentation attached to manual control tests.
- Reporting – Gain in-depth insights into control performance through 6clicks’ built-in reporting feature. Access automatically generated reports on the success rate and overall coverage of control tests to improve control effectiveness and overall compliance.
Supported 6clicks Authorities are:
- ISO 27001:2013 Annex A
Start monitoring your controls
Firstly, ensure that Microsoft Defender for Cloud is connected.
Next, go to the Controls module and select the control set containing the control you want to conduct tests on. Once the Control Set Builder modal opens, the status should be in Edit mode before you click on a control.
Upon choosing a control, navigate to the Linked Data tab on the side panel.
Under Tests, click the Create Test icon + to start a new test for the control.
Going back to the Control Set Builder modal, click the Status button and select Publish to apply the changes to the control set. At 6clicks, results for automated tests are automatically collected or polled once every 24 hours.
To manually trigger the polling of test results for all controls enabled for auto-monitoring, click on More > Tests > Poll all automated tests. You will then be alerted that automated test polling has started.
This action runs all automated tests together and logs new test results for the selected controls.
Once the polling is completed, you will get a notification, and you can then view the result for the control test you previously created.
For failed control tests, Microsoft Defender for Cloud provides recommendations on how the control can be improved. This will be included in Test result details > Details.
Test result details also include links that users can access with their Microsoft Azure account to view more information about the recommendations. You can then create issues in 6clicks and assign tasks to your team members to easily action and track these recommendations, allowing you to address compliance gaps promptly.
With automated control tests powered by Microsoft Defender for Cloud, you can quickly identify recommendations for your controls and implement corrective actions to remain compliant with regulatory and security requirements.