Closed thaneye closed 2 years ago
0x6d69636b
commented
2 years ago No, not a typo. HardeningKitty uses passed as severity if a setting/check is correct/successful. We had this discussion in issue #19, and I added the row SeverityFinding to the CSV report (https://github.com/0x6d69636b/windows_hardening/commit/9166ed82a54344b0d87407b401059d1c18dd1e29).
thaneye
commented
2 years ago My recommendation would be to keep only one column related to "severity" (low, medium, high, critical) and the "test result". Otherwise it causes confusion and can lead to misunderstanding.
0x6d69636b
commented
2 years ago I see your point, however my requirements are to have a "positive" result aka "passed" and the HardeningKitty score (https://github.com/scipag/HardeningKitty#hardeningkitty-score) is based on passed as well. The log is a CSV and everybody is free to remove and/or rename the columns in it
thaneye
commented
2 years ago You have passed already in test result column. If you filter on severity == passed it's the same as you would do with TestReult == failed. However, I agree with your comment that everyone can change the csv.
When executing
Invoke-HardeningKitty -Mode Audit -Log -Reportthe generated csv as severity column contains "passed" along with medium and low. Typo?