Benchmark: Requirement 10: Track and monitor all access to network resources and cardholder data
Description
Logging mechanisms and the ability to track user activities are critical in preventing, detecting, or minimizing the impact of a data compromise. The presence of logs in all environments allows thorough tracking, alerting, and analysis when something does go wrong.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Requirement 10: Track and monitor all access to network resources and cardholder data.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_10Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_10 --shareBenchmarks
- 10.1 Implement audit trails to link all access to system components to each individual user
- 10.2 Through interviews of responsible personnel, observation of audit logs, and examination of audit log settings
- 10.3 Record at least the following audit trail entries for all system components for each event
- 10.5 Interview system administrators and examine system configurations and permissions to verify that audit trails are secured so that they cannot be altered
- 10.7 Retain audit trail history for at least one year, with a minimum of three months immediately available for analysis (for example, online, archived, or restorable from backup)
- 10.8 Additional requirement for service providers only to implement a process for the timely detection and reporting of failures of critical security control systems, including but not limited to failure of firewalls, IDS/IPS, FIM, anti-virus, physical access controls, logical access controls, audit logging mechanisms and segmentation controls