🚀Launch Week 07, January 27th - 31st, 2025🚀
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-alicloud-compliance
Overview
1Dashboards
78Benchmarks
40Queries
2Variables
GitHub

Control: 8.1 Ensure that Security Center is Advanced or Enterprise Edition

Description

The Advanced or Enterprise Edition enables threat detection for network and endpoints, providing malware detection, webshell detection and anomaly detection in Security Center.

Remediation

From Console

  1. Logon to Security Center Console.
  2. Select Overview.
  3. Click Upgrade.`
  4. Select Advanced or Enterprise Edition.
  5. Finish order placement.

Usage

Run the control in your terminal:

powerpipe control run alicloud_compliance.control.cis_v100_8_1

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run alicloud_compliance.control.cis_v100_8_1 --share

SQL

This control uses a named query:

select
  account_id as resource,
  case
    when version in ('2', '3', '5') then 'ok'
    else 'alarm'
  end as status,
  case
    when version in ('2','3') then 'Security Center Enterprise edition enabled.'
    when version in ('5') then 'Security Center Advanced edition enabled.'
    else 'Security Center Enterprise or Advanced edition disabled.'
  end as reason
  , account_id as account_id, region as region
from
  alicloud_security_center_version;

Tags

category = Compliance
cis = true
cis_item_id = 8.1
cis_level = 2
cis_section_id = 8
cis_type = automated
cis_version = v1.0.0
plugin = alicloud
service = AliCloud/SecurityCenter