Continuous Compliance Dashboard
This environment utilizes GitOps to ensure integrity. Evidence is derived directly from the Source of Truth (the code) and validated via third-party scanners.

System & Communications Protection (SC)

| ID | Control Requirement | Implementation Strategy | Live Evidence (Proof) |
|----|---------------------|-------------------------|-----------------------|
| 3.13.8 | Cryptographic Protection | Traffic is encrypted via TLS 1.2+ at the Edge (Cloudflare). The origin server is inaccessible via HTTP. | Live SSL Report (Click to run a real-time third-party scan) |
| 3.13.1 | Boundary Protection | The web application is hosted on Azure PaaS. Direct IP access is obfuscated via Cloudflare Proxy. | DNS Configuration (Validates Cloudflare nameservers) |

Configuration Management (CM)

| ID | Control Requirement | Implementation Strategy | Live Evidence (Proof) |
|----|---------------------|-------------------------|-----------------------|
| 3.4.1 | Baseline Configuration | Infrastructure is defined as Code (IaC). No manual console changes are permitted. | View Source Config (Links to the immutable config file) |
| 3.4.2 | Enforcement | The CI/CD pipeline acts as the Gatekeeper. Invalid configurations fail the build before deployment. | ✅ Build History (Proof of successful automated builds) |

Identification & Authentication (IA)

| ID | Control Requirement | Implementation Strategy | Live Evidence (Proof) |
|----|---------------------|-------------------------|-----------------------|
| 3.5.1 | Identification | Administrative access requires an MFA-protected GitHub Identity. No shared accounts. | Deployment Policy (Shows secure token injection) |