turbot/steampipe-mod-azure-compliance

Benchmark: Malicious Code Protection (SI-3)

Description

The organization employs malicious code protection mechanisms at information system entry and exit points to detect and eradicate malicious code; updates malicious code protection mechanisms whenever new releases are available, in accordance with organizational configuration management policy and procedures; addresses the receipt of false positives during malicious code detection and eradication and the resulting potential impact on the availability of the information system; and configures malicious code protection mechanisms to perform periodic scans of the information system and real-time scans of files from external sources at an endpoint or network entry/exit points as the files are downloaded, opened, or executed in accordance with organizational security policy, and to block and quarantine malicious code, send an alert to the administrator, and take organization-defined action in response to malicious code detection.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-azure-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select Malicious Code Protection (SI-3).

Run this benchmark in your terminal:

powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_53_rev_5_si_3

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run azure_compliance.benchmark.nist_sp_800_53_rev_5_si_3 --share

Controls

Tags