builtin:spm-security-standards)Security Posture Management: Manage Security Standards
| Schema ID | Schema groups | Scope |
|---|---|---|
builtin:spm-security-standards | - | environment |
| GET | Managed | https://{your-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:spm-security-standards |
| SaaS | https://{your-environment-id}.live.dynatrace.com/api/v2/settings/schemas/builtin:spm-security-standards | |
| Environment ActiveGate | https://{your-activegate-domain}/e/{your-environment-id}/api/v2/settings/schemas/builtin:spm-security-standards |
To execute this request, you need an access token with Read settings (settings.read) scope. To learn how to obtain and use it, see Tokens and authentication.
| Property | Type | Description | Required |
|---|---|---|---|
CIScisEnabled | boolean | The CIS Critical Security Controls (CIS Controls) are a prescriptive, prioritized, and simplified set of best practices that you can use to strengthen your cybersecurity posture. Today, thousands of cybersecurity practitioners from around the world use the CIS Controls and/or contribute to their development via a community consensus process. | required |
DORAdoraEnabled | boolean | Digital Operational Resilience Act (DORA) is a major piece of European Union legislation (Regulation (EU) 2022/2554). DORA aims to enhance the resilience of digital operations and protect the integrity of the financial market infrastructure in the European Union. Compliance with DORA is a pathway to creating a more secure and reliable digital environment within financial institutions. The act impacts day-to-day operations, security protocols, and compliance measures. | required |
NISTnistEnabled | boolean | The National Institute of Standards and Technology (NIST) publishes the NIST SP 800-53, which offers security and privacy controls for information systems and organizations. Per the Office of Management and Budget (OMB), the NIST standards and policies are mandatory for all non-national security systems run by federal agencies in the USA. | required |
DISA STIGstigEnabled | boolean | Security Technical Implementation Guides (STIGs) are based on the standards of the Department of Defense (DoD). DISA STIG guidelines are often used as a baseline in other sectors or segments to ensure compliance with the standards and access to the DoD networks. All organizations must meet the DISA STIG security standards before accessing and operating on DoD networks. | required |