Auto-tests in Drata



CHM04_1 DCF-4 Version Control System Notes to Auto-test
CHM05 DCF-5 Code Review Process  
CHM03_1 DCF-6 Production Code Changes Restricted  
CHM03 DCF-7 Separate Testing and Production Environments Drata looks for labels "test", "development" to validate the separation. If they are labelled something different, the test may fail and require manual evidence.
REC01_1 DCF-27 Multiple Availability Zones  
AUT05 DCF-75 Cloud Data Storage Restricted  
EXT06_3 DCF-48 Session Lock  
PMN19 DCF-49 Password Manager  
EXT05 DCF-50 Malware Detection Software Installed  
PMN11 DCF-51 Security Patches Automatically Applied  
PMN18 DCF-52 Hard-Disk Encryption  
EXT07 DCF-54 Customer Data is Encrypted at Rest  
EXT08 DCF-55 SSL/TLS Enforced  
AUT01 DCF-67 MFA on Accounts  
AUT04 DCF-71 Unique Accounts Used  
REC02 DCF-77 Daily Database Backups  
SMN02_1 DCF-79 Logs Centrally Stored  
SMN01 DCF-80 Log Management System  
EXT03 DCF-85 Firewalls  
EXT11 DCF-87 Logging/Monitoring  
EXT20 DCF-88 Web Application Firewall  
MGT10_1 DCF-89 Cloud Infrastructure Linked to Drata  
REC15 DCF-96 Load Balancer Used  
SMN04_1 DCF-97 Auto-Scale Configuration  
PMN06 DCF-20 Maintains Asset Inventory  
CHM06 DCF-156 Production Code Released by Appropriate Personnel  
MGT10_2 DCF-160 Continuous Control Monitoring