turbot/github_compliance
GitHub
Loading controls...

Benchmark: 3.1 Third-Party Packages

Overview

This section consists of security recommendations for the use and management of third-party dependencies and packages. As a consumer of various third-party packages, you need to ensure certain conditions exist to trust them and use them safely. Using third-party packages affects not only the software, but also its customers, so it is important to carefully examine each one of these packages.

Usage

Browse dashboards and select 3.1 Third-Party Packages:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check github_compliance.benchmark.cis_supply_chain_v100_3_1

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share github_compliance.benchmark.cis_supply_chain_v100_3_1

Controls

Tags