Benchmark: Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Description
Malicious individuals (external and internal to an entity) often use vendor default passwords and other vendor default settings to compromise systems. These passwords and settings are well known by hacker communities and are easily determined via public information.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_2Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_2 --shareBenchmarks
- 2.1 Always change vendor-supplied defaults and remove or disable unnecessary default accounts before installing a system on the network
- 2.2 Develop configuration standards for all system components
- 2.3 Encrypt all non-console administrative access using strong cryptography
- 2.4 Maintain an inventory of system components that are in scope for PCI DSS