Home / Controls

Controls

Security controls and questionnaire-style evidence normalized across supported trust-center providers. Showing 50 rows on page 2 of 237,202 total.

Control	Company	Provider	Status	Category	Updated
10.2 Audit logs are implemented to support the detection of anomalies and suspicious activity, and the forensic analysis of events.	Staq.io	Vanta Trust Center	documented	-	-
10.2.1	Xactus	Vanta Trust Center	documented	-	-
10.3 Audit logs are protected from destruction and unauthorized modifications.	Staq.io	Vanta Trust Center	documented	-	-
10.4 Audit logs are reviewed to identify anomalies or suspicious activity.	Staq.io	Vanta Trust Center	documented	-	-
10.4.1	Xactus	Vanta Trust Center	documented	-	-
10.4.1.1	Xactus	Vanta Trust Center	documented	-	-
10.4.2	Xactus	Vanta Trust Center	documented	-	-
10.4.2.1	Xactus	Vanta Trust Center	documented	-	-
10.4.3	Xactus	Vanta Trust Center	documented	-	-
10.5 Audit log history is retained and available for analysis.	Staq.io	Vanta Trust Center	documented	-	-
10.6 Time-synchronization mechanisms support consistent time settings across all systems.	Staq.io	Vanta Trust Center	documented	-	-
10.6.1	Xactus	Vanta Trust Center	documented	-	-
10.6.2	Xactus	Vanta Trust Center	documented	-	-
10.6.3	Xactus	Vanta Trust Center	documented	-	-
10.7.2	Xactus	Vanta Trust Center	documented	-	-
10.7.3	Xactus	Vanta Trust Center	documented	-	-
10Web's Code of Conduct	10Web	Vanta Trust Center	documented	-	-
11.1 Processes and mechanisms for regularly testing security of systems and networks are defined and understood.	Staq.io	Vanta Trust Center	documented	-	-
11.1.1	Xactus	Vanta Trust Center	documented	-	-
11.1.2	Xactus	Vanta Trust Center	documented	-	-
11.2.1	Xactus	Vanta Trust Center	documented	-	-
11.2.2	Xactus	Vanta Trust Center	documented	-	-
11.3 External and internal vulnerabilities are regularly identified, prioritized, and addressed.	Staq.io	Vanta Trust Center	documented	-	-
11.3.1	Xactus	Vanta Trust Center	documented	-	-
11.3.1.1	Xactus	Vanta Trust Center	documented	-	-
11.3.1.2	Xactus	Vanta Trust Center	documented	-	-
11.3.1.3	Xactus	Vanta Trust Center	documented	-	-
11.3.2	Xactus	Vanta Trust Center	documented	-	-
11.3.2	Archon Systems	Vanta Trust Center	documented	-	-
11.3.2.1	Xactus	Vanta Trust Center	documented	-	-
11.4 External and internal penetration testing is regularly performed, and exploitable vulnerabilities and security weaknesses are corrected.	Staq.io	Vanta Trust Center	documented	-	-
11.4.1	Xactus	Vanta Trust Center	documented	-	-
11.4.2	Xactus	Vanta Trust Center	documented	-	-
11.4.3	Xactus	Vanta Trust Center	documented	-	-
11.4.4	Xactus	Vanta Trust Center	documented	-	-
11.4.5	Xactus	Vanta Trust Center	documented	-	-
11.5.2	Xactus	Vanta Trust Center	documented	-	-
11.6 Unauthorized changes on payment pages are detected and responded to.	Staq.io	Vanta Trust Center	documented	-	-
11.6.1	Archon Systems	Vanta Trust Center	documented	-	-
11.6.1	Xactus	Vanta Trust Center	documented	-	-
12.1	PPRO	Vanta Trust Center	documented	-	-
12.1 A comprehensive information security policy that governs and provides direction for protection of the entity’s information assets is known and current.	Staq.io	Vanta Trust Center	documented	-	-
12.1.1	Xactus	Vanta Trust Center	documented	-	-
12.1.2	Xactus	Vanta Trust Center	documented	-	-
12.1.3	Xactus	Vanta Trust Center	documented	-	-
12.1.4	Xactus	Vanta Trust Center	documented	-	-
12.10 Suspected and confirmed security incidents that could impact the CDE are responded to immediately.	Staq.io	Vanta Trust Center	documented	-	-
12.10.1	Xactus	Vanta Trust Center	documented	-	-
12.10.1	Archon Systems	Vanta Trust Center	documented	-	-
12.10.2	Xactus	Vanta Trust Center	documented	-	-

Previous page Next page Reset

Get this page with API

Rendered from the bluedoor Trust Centers API. Reproduce it:

GET https://api.bluedoor.sh/trust-centers/v1/controls?limit=50&offset=50JSON

Docs · Get an API key