Benchmark: AC-2(12) Account Monitoring
Description
Monitors and reports atypical usage of information system accounts to organization-defined personnel or roles.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select AC-2(12) Account Monitoring.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.fedramp_high_ac_2_12Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.fedramp_high_ac_2_12 --shareControls
- Management ports of virtual machines should be protected with just-in-time network access control
- Azure Defender for App Service should be enabled
- Microsoft Defender for Containers should be enabled
- Azure Defender for Key Vault should be enabled
- Azure Defender for Resource Manager should be enabled
- Azure Defender for servers should be enabled
- Azure Defender for Azure SQL Database servers should be enabled
- Azure Defender for SQL should be enabled for unprotected SQL Managed Instances
- Microsoft Defender for Storage (Classic) should be enabled