13
Compliance and Reporting
Compliance. The word alone is enough to make security engineers roll their eyes and auditors get excited! To many, it feels like long queues of checkboxes, endless paperwork, and the gnawing suspicion that none of it really keeps attackers out. And yet, compliance is the part of security that executives lose sleep over, regulators demand, and customers quietly (or loudly) expect as proof that you're not winging it with their data.
The real trick, and the point of this chapter, is realizing that compliance doesn't have to be an afterthought or a once-a-year panic attack when the auditors show up. If you're already collecting logs, monitoring infrastructure, and alerting on threats, congratulations, you've already done ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access