troubleshooting Question

Cyber Governance of a Cloud SaaS

Avatar of sunhux
sunhux asked on
Cloud ComputingCyber SecuritySecurity
6 Comments3 Solutions194 ViewsLast Modified:
a leading 1-ERP cloud provider (one of those 3 like SAP, Oracle, MS)
has replied to us that they can't share the hardenings that they have
in place for their OS;  neither would they sign on the hardening
checklist as well as share the penetration test report.

What's typically the way from a customer's Cyber Governance that
we can do?  Ask for SOC2 report or which report which would have
certified that they have performed the required (CIS) hardening &
penetration testings?

Or we can still demand to sight the hardening settings & pentest
reports?  We are using their SaaS
ASKER CERTIFIED SOLUTION
btanExec Consultant
Join our community to see this answer!
Unlock 3 Answers and 6 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 6 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros