Benchmark: Requirement 6: Develop and maintain secure systems and applications
Description
Unscrupulous individuals use security vulnerabilities to gain privileged access to systems. Many of these vulnerabilities are fixed by vendor-provided security patches, which must be installed by the entities that manage the systems.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select Requirement 6: Develop and maintain secure systems and applications.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_6
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v321_requirement_6 --share
Benchmarks
- 6.1 Establish a process to identify security vulnerabilities, using reputable outside sources for security vulnerability information, and assign a risk ranking (for example, as “high,” “medium,” or “low”) to newly discovered security vulnerabilities
- 6.2 Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor-supplied security patches
- 6.3 Develop internal and external software applications (including web-based administrative access to applications) securely
- 6.5 Address common coding vulnerabilities in software-development processes, such as training developers at least annually in up-to-date secure coding techniques, etc.
- 6.6 For public-facing web applications, ensure that either one of the requirements is in place