Benchmark: 0709.10m1Organizational.1-10.m 10.06 Technical Vulnerability Management
Description
Technical vulnerabilities are identified, evaluated for risk and corrected in a timely manner.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 0709.10m1Organizational.1-10.m 10.06 Technical Vulnerability Management.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_0709_10m1organizational
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.hipaa_hitrust_v92_0709_10m1organizational --share
Controls
- Vulnerabilities in container security configurations should be remediated
- Vulnerabilities in security configuration on your virtual machine scale sets should be remediated
- Vulnerabilities in security configuration on your machines should be remediated
- A vulnerability assessment solution should be enabled on your virtual machines
- Vulnerability assessment should be enabled on SQL Managed Instance
- SQL databases should have vulnerability findings resolved
- Vulnerability assessment should be enabled on your SQL servers