Benchmark: Other Compliance Checks
Overview
This benchmark contains additional checks to help you detect GitHub organization and repository configurations that do not meet best practice. These checks are not associated with any particular compliance framework, so we recommend integrating any relevant checks into your workflow on a per control basis.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-github-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Other Compliance Checks.
Run this benchmark in your terminal:
powerpipe benchmark run github_compliance.benchmark.otherSnapshot and share results via Turbot Pipes:
powerpipe benchmark run github_compliance.benchmark.other --shareControls
- Organization base permissions should be set to None
- Organization members should have Multi-Factor Authentication (MFA) enabled