Benchmark: Annex I (6)
Description
Put in place systems and processes to identify, track, manage and monitor the status of patches to servers, operating system and application software running at the systems used by the UCB officials (end-users). Implement and update antivirus protection for all servers and applicable end points preferably through a centralised system.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Annex I (6).
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.rbi_cyber_security_annex_i_6Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.rbi_cyber_security_annex_i_6 --shareControls
- GuardDuty findings should be archived
- RDS DB instance automatic minor version upgrade should be enabled
- AWS Redshift should have required maintenance settings
- SSM managed instance associations should be compliant
- SSM managed instance patching should be compliant