🚀 Launch Week 10, September 22nd - 26th, 2025 🚀
Powerpipe Hub 
Hub
Mods
turbot/steampipe-mod-aws-compliance
Overview
35Dashboards
1534Benchmarks
673Queries
9Variables
GitHub

Benchmark: SI-3(8) Detect Unauthorized Commands

Description

a. Detect the following unauthorized operating system commands through the kernel application programming interface on [Assignment: organization-defined system hardware components]: [Assignment: organization-defined unauthorized operating system commands]; and b. [Selection (one or more): issue a warning; audit the command execution; prevent the execution of the command].

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select SI-3(8) Detect Unauthorized Commands.

Run this benchmark in your terminal:

powerpipe benchmark run aws_compliance.benchmark.nist_800_53_rev_5_si_3_8

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_compliance.benchmark.nist_800_53_rev_5_si_3_8 --share

Benchmarks

Tags

category = Compliance
nist_800_53_rev_5 = true
plugin = aws
service = AWS
type = Benchmark