Compliance

Findings, mapped to the controls auditors ask about.

Every finding category in FirewallIQ Secure is mapped — by us, reviewed annually — to controls across seven frameworks. CI gates ensure no finding category ships without complete coverage.

PCI-DSS v4.0

Requirements 1, 2, 10, 11

ISO/IEC 27001:2022

Annex A — A.8, A.12, A.13

NIST CSF 2.0

PR.AC, PR.PT, DE.CM

NIST SP 800-53 Rev. 5

AC, SC, SI families

CIS Controls v8

Controls 4, 12, 13

GDPR

Article 32 — security of processing

DPDPA 2023 (India)

Section 8(5) — safeguards

SOC 2 mapping

Coming in v2

A sample of the mapping

This is a small slice — the actual library covers every finding category × every framework.

| Framework | Control | Description | Finding categories |
|---|---|---|---|
| PCI-DSS v4.0 | 1.2.1 | Limit inbound/outbound traffic to that necessary for the CDE | exposure.rdp_internet_facing, rule.any_any_allow, rule.no_egress_filter |
| PCI-DSS v4.0 | 2.2.5 | Insecure services and protocols disabled | exposure.telnet_open, exposure.smb_v1_open, exposure.ftp_open |
| ISO 27001 A.8.22 | A.8.22 | Segregation of networks | segmentation.violation_zone_to_zone, segmentation.unintended_path_to_cde |
| NIST CSF 2.0 | PR.AC-05 | Network integrity protected | rule.any_any_allow, exposure.management_interface_external |
| CIS Controls v8 | 4.4 | Implement and manage a firewall on servers | exposure.rdp_internet_facing, rule.any_any_allow |
| GDPR | Art. 32(1)(b) | Confidentiality, integrity, availability, resilience | exposure.weak_tls_version, rule.allow_without_logging |
| DPDPA 2023 | Sec. 8(5) | Reasonable security safeguards | exposure.*, rule.*, segmentation.* |

Conservative by design

We map a finding to a broader control when in doubt. Never overclaim narrow coverage.

Versioned mappings

New framework version? We ship a new mapping file. Old findings keep their original mapping version.

Auditor-friendly disclosure

Reports note that perimeter validation is one input to a broader program — never a complete verdict.

Walk into your next audit with evidence, not estimates.

A 30-minute demo on real findings. We'll walk through scope signing, a live scan, and a signed compliance report — all on a customer-style sandbox.

No credit card. No agent install. Authorized-only by design.
