Benchmark: PCI DSS requirement 11.2.1
Description
Perform quarterly internal vulnerability scans and rescans as needed, until all “high-risk” vulnerabilities (as identified in Requirement 6.1) are resolved. Scans must be performed by qualified personnel.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select PCI DSS requirement 11.2.1.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.pci_dss_v321_requirement_11_2_1Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.pci_dss_v321_requirement_11_2_1 --shareControls
- Monitor missing Endpoint Protection in Azure Security Center
- Vulnerabilities in security configuration on your machines should be remediated
- System updates should be installed on your machines
- A vulnerability assessment solution should be enabled on your virtual machines
- SQL databases should have vulnerability findings resolved