Cloud 101CircleEventsBlog
Master CSA’s Security, Trust, Assurance, and Risk program—download the STAR Prep Kit for essential tools to enhance your assurance!

STAR Registry Listing for

Syndicate Rule Engine

Founded in 2013 by the Cloud Security Alliance, the Security Trust Assurance and Risk (STAR) registry encompasses key principles of transparency, rigorous auditing, and cloud security and privacy best practices.

Syndicate Rule Engine

Syndicate Rule Engine

EPAM Syndicate Rule Engine is a solution that allows checking and assessing virtual infrastructures in AWS, Azure, GCP infrastructures against different types of standards, requirements and rulesets.

By default, the solution covers hundreds of security, compliance, utilization and cost effectiveness rules, which cover world known standards like GDPR, PCI DSS, CIS Benchmark, and a bunch of others.

The product allows to perform:

On-demand scan – a scan initiated by an operator or a 3rd party system at the moment considered proper by them.

Scheduled scan – a scan that is performed according to a specific schedule.

Event Driven scan – granular scans of updated pieces of infrastructure, triggered by native events received directly from a customer’s Cloud Account.

The result of a scan is a list of vulnerabilities and metadata of the scan that can be used to generate 20+ analytics reports (delivered as emails) for different organization levels: Chief, Department, Project, Operational.

New rules can be added to the solution by the customer request to cover their specific requirements and expectations.

View other services by EPAM:

Information about Syndicate Rule Engine
Listed Since: 11/16/2023
Last Updated: 11/16/2023

STAR Level 1

Self-Assessment & Partner-Provided

Consensus Assessments Initiative Questionnaire v4.0.2

CAIQ 4.0.2 Self-assessment
Offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services. It provides a set of Yes/No questions a cloud consumer and cloud auditor may wish to ask of a cloud provider to ascertain their compliance to the CSA Cloud Controls Matrix (CCM).
(Deprecated)
Deprecated assessments do not necessarily indicate non-compliance. In this case, the self-assessment has not been updated in more than one year. We suggest contacting this organization directly to request that they submit an updated self-assessment.