Has anyone played with the configuration assessment tool - https://benchmarks.cisecurity.org/freetrial/
Looking at creating a Fixlet to execute via command line, with an Analysis to parse the output.
Thanks !
Can you provide a direct link to the installer binary, or can you upload a copy to https://www.virustotal.com/ and provide a link to the resulting analysis page?
Do you have anything you have attempted so far, even if it doesn’t work?
Related: Issues with CIS Benchmark Tools Incorporated into BigFix/SCA
I haven’t used either, but with the installer type from virustotal I should be able to determine how to install it from the command line, or if the company provides documentation for that.
Then it is a matter of running it through the command line with logging, either through experimentation or provided documentation.
It isn’t too difficult to integrate things like this is as long as they can be installed and run on the command line. In some cases you can even download the files and run it without installation.
See this example:
Also the BigFix compliance product offers CIS benchmarks so that might be a good route to go if you’re not licensed for CIS
1 Like
They do offer the CIS Checklists, but the output to reporting is very raw and unorganized compared to the actual CIS Assessment output/reports.
I too am trying to figure out a way to possibly create a Fixlet that would call out the CIS Benchmark Assessment Toolkit to be run remotely from BigFix with a Report as an Output.
1 Like
I have it working via cis-cat command line, pretty simple using their jar file.
Do you have the output/results being pushed to a centralized dashboard? Or just a share location?
Do you have any details on how you configured this to run?
1 Like
Piping the results out to a txt file using the following switches -
-b "{(pathname of client folder of current site) & "\__Download\benchmarks\CIS_Microsoft_Windows_7_Benchmark_v2.1.0-xccdf.xml"}" -r "{pathname of parent folder of regapp "besclient.exe"}" -rn CIS-Win7 -a -n -t -y
Once you have the results text file, create a property to return lines of …
I agree with you, the CIS html file provides far more comprehensive reporting, but parsing html opposed to plain txt (in BigFix) is trickier.
Have you looked at the web interface for the security and compliance module? It actually looks pretty nice…
Are you talking the Web Interface on the SCA Analytics server? See below. If that is what you are talking about, then yes, I’m using that. Just comparing it to the actual CIS Assessment Toolkit, visually it doesn’t compare. Right now we are working on comparing the details to see if it matches up.
Is there an option to have the output be XML instead of plain text? XML can be read on windows with relevance relatively well.
Resurrecting this thread - there is a way to export the data from the CIS CAT tool in XML - how would you suggest incorporating that data into BigFix SCA?