turbot/steampipe-mod-github-compliance

Benchmark: 4.3 Package Registries

Overview

This section consists of security recommendations for the management of package registries and the artifacts stored in them.

Package registries are where the organization's artifacts are stored. To keep an artifact safe, you must also keep the registry where it is stored safe. Furthermore, you need to ensure that every artifact that reaches the registry is safe to use and does not put the registry in danger.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-github-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 4.3 Package Registries.

Run this benchmark in your terminal:

powerpipe benchmark run github_compliance.benchmark.cis_supply_chain_v100_4_3

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run github_compliance.benchmark.cis_supply_chain_v100_4_3 --share

Controls
