|
|
@@ -8,17 +8,17 @@ CIS Benchmarks are applied in Packer (packer/lcp/vmware/salt/cis-hardening-rhel-
|
|
|
|
|
|
XDR CIS Exception process:
|
|
|
- Open ticket in COMP Jira ticket queue with details about CIS exception
|
|
|
-- Use the CIS Execption template ( https://jira.xdr.accenturefederalcyber.com/browse/COMP-29 )
|
|
|
+- Use the [CIS Execption template](https://jira.xdr.accenturefederalcyber.com/browse/COMP-29)
|
|
|
Summary: CIS Exception for <CIS control e.g. 5.4.1.1>
|
|
|
- Get ticket approved
|
|
|
-- Add exception to the GitHub Wiki here: https://github.xdr.accenturefederalcyber.com/mdr-engineering/msoc-infrastructure/wiki/CIS-Exceptions
|
|
|
+- Add exception to the GitHub Wiki [here](https://github.xdr.accenturefederalcyber.com/mdr-engineering/msoc-infrastructure/wiki/CIS-Exceptions)
|
|
|
|
|
|
|
|
|
## CIS Benchmark Version
|
|
|
Qualys is currently set to CIS Red Hat Enterprise Linux 7 Benchmark v2.2.0 Level 1 and Level 2.
|
|
|
|
|
|
## CIS Benchmark Scanner
|
|
|
-Use this as a command line CIS benchmarks scanner. Download from here: https://workbench.cisecurity.org/ . Use your AFS email to get access.
|
|
|
-CIS-CAT Pro Assessor, v3
|
|
|
+Use this as a command line CIS benchmarks scanner. Download from here: [CIS Workbench Scanner](https://workbench.cisecurity.org/). Use your AFS email to get access.
|
|
|
+`CIS-CAT Pro Assessor, v3`
|
|
|
|
|
|
In cisecurity.org -> Click on username -> Accenture LLP -> LIcenses -> grab it for the CIS-CAT scanner.
|
Jeremy Cooper [AFS MBP]