Benchmark: 500.08(a)
Description
Each Covered Entity’s cybersecurity program shall include written procedures, guidelines and standards designed to ensure the use of secure development practices for in-house developed applications utilized by the Covered Entity, and procedures for evaluating, assessing or testing the security of externally developed applications utilized by the Covered Entity within the context of the Covered Entity’s technology environment.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 500.08(a).
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.nydfs_23_500_08_aSnapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.nydfs_23_500_08_a --shareControls
- CodeBuild project plaintext environment variables should not contain sensitive AWS values
- CodeBuild GitHub or Bitbucket source repository URLs should use OAuth