Benchmark: ID.AM-08
Description
Systems, hardware, software, services, and data are managed throughout their life cycles.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-azure-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select ID.AM-08.
Run this benchmark in your terminal:
powerpipe benchmark run azure_compliance.benchmark.nist_csf_v2_id_am_08
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run azure_compliance.benchmark.nist_csf_v2_id_am_08 --share
Controls
- Management ports of virtual machines should be protected with just-in-time network access control
- Compute virtual machine scale sets should have automatic OS image patching enabled
- System updates should be installed on your machines
- A vulnerability assessment solution should be enabled on your virtual machines
- SQL databases should have vulnerability findings resolved