Add CIS benchmarks Severity - Githubissues

elastic / cloudbeat

Analyzing Cloud Security Posture

Other

13 stars 42 forks source link

Add CIS benchmarks Severity #1505

Open opauloh opened 1 year ago

opauloh commented 1 year ago

Motivation

In the Alerts Epic we are introducing severity for CIS benchmark rules, the severity is initially planned to be used to create a Detection Rule.

The severity mapping for each rule was added here by @tinnytintin10, and I think it's a good candidate to be added on this repository.

Definition of done

What needs to be completed at the end of this task

[ ] All benchmarks rules listed here will have their severity fields in the respective data.yml file
[ ] The severity will also be added to the integrations repository to be consumed by Kibana.
[ ] Update the csp rule assets based on the updated rules data.yml (use the script)

Out of scope

Default severity for rules not listed in the Spreadsheet .

Related tasks/epics

https://github.com/elastic/security-team/issues/4165

tehilashn commented 1 year ago

@tinnytintin10 - is severity a priority for 8.11?