How to map kics rules to compliance

[gauravpareekk]

Hi!

Thank you for responding in advance. I had a question if there is a set of rules where kics are mapped to Framework controls like for eg:
if this tests is fulfilled "EC2 instance should not have a public IP address" then this control of PCI is satisfied
PCI DSS | 1.3.1

Is there any ready made json/csv which I can find?

Thank you for all your help in advance

[kaplanlior]

Hi,

We don't have mapping between specific queries and compliance frameworks. We'll be happy to work together if someone wants to start and build it, it would be great community effort. Similar to the CWE information at #6373 where we made the code changes needed.