turbot/github_compliance
GitHub
Loading controls...

Benchmark: 4 Artifacts

Overview

This section consists of security recommendations for the management of artifacts produced by build pipelines, as well as ones used by the application in the build process itself.

Artifacts are packaged versions of software. They are stored in package registries (or artifact managers) and require securing from the moment they are created, through the time they are copied and updated, and up to deployment to their relevant environment.

Usage

Browse dashboards and select 4 Artifacts:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check github_compliance.benchmark.cis_supply_chain_v100_4

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share github_compliance.benchmark.cis_supply_chain_v100_4

Benchmarks

Tags