Uptycs for SOC 2 Compliance
We help you meet AICPA-designed controls and prove the security, availability, processing integrity, confidentiality, and privacy of your systems used to process customer data.
Visibility & Validation
Uptycs makes demonstrating compliance easy and provides thorough asset visibility.
-
Zero-in on any given asset’s security posture, provenance, and prevalence
-
Gain live and historical access to processes, files, certificates, and other attributes
-
Benefit from comprehensive live audit support
Measurable Compliance Posture
Gain detailed compliance posture information to make identifying non-compliant assets much simpler.
-
View customizable dashboard visualizations of compliance posture
-
Identify where you need to target your remediation efforts
-
Drill down into non-compliant assets to get associated evidence and remediation guidance
-
Instantly see the latest failed configuration checks, most non-compliant resources, time to resolve non-compliance, and much more.
-
Integrations with Splunk, ServiceNow and other ticketing & SOAR systems
Requirements and Controls
Set your security controls to meet compliance requirements while also making security-forward decisions to level up your defense arsenal.
-
Leverage telemetry-powered behavioral detection, including IDS, to spot IoCs and IoBs and see them mapped to MITRE ATT&CK
-
Get multi-method malware detection including YARA scanning and integration with third-party file reputation databases
-
Utilize FIM for directories and files, with out-of-the-box sensitive folder and file detection
-
Establish policy baselines and receive comprehensive monitoring, alerting and reporting on anomalous events
-
Harness the power of lateral movement detection to see exactly how a threat attempts propagation within your network
SOC 2 Capabilities of Uptycs Unified CNAPP and XDR
Explore the full list of capabilities that support your SOC 2 compliance requirements:
Asset Inventory Audit
Instant visibility into security posture of an asset
Read More
Asset Inventory Audit
- Instant visibility into security posture of an asset
- Random asset selection at scale for auditing with comprehensive insight support
- Asset provenance: serial, h/w, configs, users, network, inventory, detections, certificates and compliance
- Asset prevalence: Rare startup, paths, packages, users, access and processes as % of cohort
- Asset prevalence: Comparison of asset vs cohort: users, shell access, compliance failures and more
- Live and historical access to: processes, files, certificates and attributes and artifacts
- Comprehensive Live Audit support
CIS Audit
OS distribution independent and distro dependent benchmarking and audit
Read More
CIS Audit
- OS distribution independent and distro dependent benchmarking and audit
- Over 200 comprehensive checks for rich audit
- Customizations for scoring, exclusion, parameterization of audit benchmark
- Inline CIS definitions and prescriptions
- Evidence capture from each run
- High fidelity and lightweight telemetry-based continuous compliance and monitoring
- Telemetry-based live and continuous audit and compliance support
- High-speed audits to support 24x7 monitoring
- Structured audit and results to find problems and improve security hygiene
Custom Audit & Compliance
Granular and customizable checks
Read More
Custom Audit & Compliance
- Granular and customizable checks
- Configuration support for scoring, parameterization of checks
- Composable checks that span multiple standards (PCI, SOC, etc.)
- Recomposable checks to create custom audit and compliance standards
- Captured structured evidence
- Established golden baselines
- Integrations with Splunk, ServiceNow and other ticketing and SOAR systems
- Customizable alerts, reports and dashboards
SOC 2 Controls Audit
Over 200 controls with CIS-based baseline per SOC-2 recommendations
Read More
SOC 2 Controls Audit
- SOC 2 Audit support: Over 200 controls with CIS-based baseline per SOC 2 recommendations
- SOC 2 specific controls for: Linux
- SOC 2 specific controls for: Windows
- SOC 2 specific controls for: macOS
- Flexible and re-composable checks
- Scoring, parameterization, evidence collection, prescriptions and other features and attribution per check
- Common checks from other standards such as CIS, PCI, FedRAMP and HIPAA
Audit Support Services
Customer partnership to establish controls
Read More
Audit Support Services
- Customer partnership to establish controls
- Proactive, reactive and predictive controls
- Audit preparation by helping customer with their preparatory checklist
- Customer collaboration: Team extension
- Customer collaboration: Surface evidence
- Customer collaboration: Live visibility
- Customer collaboration: Established provenance and efficacy of controls
- Custom alerts, reports and dashboards as necessary
- Full and comprehensive report for customer engagement
Behavioral Detection (IDS)
Comprehensive system behavior-based detection
Read More
Behavioral Detection (IDS)
- Comprehensive system behavior-based detection
- Telemetry-powered Behavioral Detection functionality, including IDS
- Lambda Analytics correlation for event and alerts
- Login, Sessions, Process activity detection
- Commands, Sockets, DNS, Files and more
- Behavioral (Indicators Of Behavior - IOB) detection
- Compromise (Indicators Of Compromise - IOC) detection
- Configuration and customization capabilities
- IOB’s and IOC’s mapped to MITRE ATT&CK
Malware Detection
Multi-method malware detection
Read More
Malware Detection
- Multi-method malware detection
- VirusTotal integration and correlation
- 3rd party File reputation database integration
- Live YARA scan for 100’s of signatures at process launch
- On-demand YARA scan of File and related carving
- On-demand YARA scan of Process/Memory and related carving
- YARA scan triggered by File Integrity Monitoring
- Process has baselining and correlation
File Integrity Monitoring
FIM for directories and file
Read More
File Integrity Monitoring
- FIM for directories and files
- Out-of-box sensitive folder and files detection
- Read, Write, Exec, Modify
- Multi-method correlation – system based and file system based
- Deep sys-call integration for change attribution and chaining
- Rapid inotify monitoring for micro-VM deployments
- Policy, baseline, monitoring, alerting, reporting
- Rgulatory compliance such as PCI, SOC 2, HIPAA, NIST
- Comprehensive exclusion filters and policies to reduce noise
- Auto YARA scan based on FIM triggers
Network Detection
DNS capture and reputation correlation
Read More
Network Detection
- DNS capture and reputation correlation
- HTTP/HTTPS capture and correlation
- JA3 and JARM hash computation and reputation correlations
- JA3/JARM lookup alerts and baselining
- System socket API telemetry
- Lateral movement detection
- Logon activity and correlation with network
- Syslog capture and detection of network activity
Baseline & Outlier Detection
Baseline creation and collection across multiple dimensions
Read More
Baseline & Outlier Detection
- Baseline creation and collection across multiple dimensions
- Logins, Paths, Hash, Sockets and many more attributes
- Baselinse based on 30,60,90, 180 days or more of historical telemetry
- Real-time activity compared against baseline
- Event and Alert correlation for process, logins, shell cmd’s, process hash, sockets and more
- Potential outliers detection based on historical baseline deviation
Vulnerability Detection
Continuous ingestion: Asset inventory and software packages
Read More
Vulnerability Detection
- Continuous ingestion: Asset inventory and software packages
- Continuous ingestion: Asset configuration and asset audits
- Continuous ingestion: Vendor provided security bulletins
- Continuous ingestion: CVE’s and other known sources of vulnerabilities
- Continuous ingestion: CIS and similar audit benchmarks
- Continuous Analytics: Correlation of software inventory with vendor provided security bulletins to surface software vulnerabilities
- Continuous Analytics: Correlation of asset audit and config checks to surface configuration vulnerabilities
- Standardized measurable outcomes based: CIS, CVE/CVSS/NVDB
- Customized measurable outcomes based on organizational needs
