Powerpipe Detection Mods →
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-aws-compliance
Overview
32Dashboards
1295Benchmarks
585Queries
4Variables
GitHub

Benchmark: 3.13.16 Protect the confidentiality of CUI at rest

Description

Information at rest refers to the state of information when it is not in process or in transit and is located on storage devices as specific components of systems. The focus of protection at rest is not on the type of storage device or the frequency of access but rather the state of the information. Organizations can use different mechanisms to achieve confidentiality protections, including the use of cryptographic mechanisms and file share scanning. Organizations may also use other controls including secure off-line storage in lieu of online storage when adequate protection of information at rest cannot otherwise be achieved or continuous monitoring to identify malicious code at rest.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 3.13.16 Protect the confidentiality of CUI at rest.

Run this benchmark in your terminal:

powerpipe benchmark run aws_compliance.benchmark.nist_800_171_rev_2_3_13_16

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_compliance.benchmark.nist_800_171_rev_2_3_13_16 --share

Controls

Tags

category = Compliance
nist_800_171_rev_2 = true
plugin = aws
service = AWS
type = Benchmark