Loading controls...
Benchmark: 8 Security Center
Overview
This section covers security recommendations to follow when setting various security policies on an Alibaba Cloud subscription. A security policy defines the set of controls, which are recommended for resources within the specified Alibaba Cloud subscription. Please note that the majority of the recommendations mentioned in this section only produce an alert if a security violation is found. They do not actually enforce security settings by themselves. Alerts should be acted upon and remedied wherever possible.
Usage
Browse dashboards and select 8 Security Center:
steampipe dashboard
Or run the benchmarks in your terminal:
steampipe check alicloud_compliance.benchmark.cis_v100_8
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share alicloud_compliance.benchmark.cis_v100_8
Controls
- 8.1 Ensure that Security Center is Advanced or Enterprise Edition
- 8.3 Ensure that Automatic Quarantine is enabled
- 8.4 Ensure that Webshell detection is enabled on all web servers
- 8.5 Ensure that notification is enabled on all high risk items
- 8.6 Ensure that Config Assessment is granted with privilege
- 8.7 Ensure that scheduled vulnerability scan is enabled on all servers
- 8.8 Ensure that Asset Fingerprint automatically collects asset fingerprint data