turbot/github_compliance

Control: 1.3.9 Ensure an organization's identity is confirmed with a 'Verified' badge

Description

Confirm the domains an organization owns with a "Verified" badge.

Rationale

Verifying the organization's domains assures developers that a given domain is the official home of a public organization. Attackers can impersonate an organization and steal information through a spoofed domain, so a "Verified" badge builds confidence and trust between developers and the open-source community.

Audit

Ensure the organization has a "Verified" badge next to its name.

Remediation

Verify the organization's domains and secure a "Verified" badge next to its name.

Usage

Run the control in your terminal:

powerpipe control run github_compliance.control.cis_supply_chain_v100_1_3_9

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run github_compliance.control.cis_supply_chain_v100_1_3_9 --share

SQL

This control uses a named query:

org_domain_verified

Tags