Open ItMeAedri opened 3 months ago
0x6d69636b
commented
3 months ago To make/update a CIS list is a piece of work (comparing the PDF with my lists). It'll take me a few hours, depending on the amount of changes. It will be done, but I can't say when. You are welcome to create a pull request with the changes ;-)
h4n0sh1
commented
2 months ago To make/update a CIS list is a piece of work (comparing the PDF with my lists). It'll take me a few hours, depending on the amount of changes. It will be done, but I can't say when. You are welcome to create a pull request with the changes ;-)
Hi sir, i would like to thank you for this amazing repo firstly. May i ask if the expected process for creating / updating the finding lists is documented somewhere ? I was trying to find the finding list for windows server 2019 msft baseline specifically but couldn't retrieve it, even in the 2020 / 2021 commits it doesn't seem to be present ? Would be inclined to contribute to this work with a slight guidance maybe, to comply with the correct methodology.
0x6d69636b
commented
2 months ago First things first, all developments take place in dev repo. If you want to make a pull request, do it there.
For Microsoft Security Baseline, go to the Microsoft Security Compliance Toolkit 1.0 site and download the matching package. I use the documentation and the Excel list as a guide and go through all the recommendations.
Then I suggest you take an existing list and compare it with Microsoft's recommendation, adding or deleting items. You can then submit this as a pull request.
Probably the list Microsoft Security baseline for Windows Server (DC and Member) 2004 will be the best list for a copy. Please create a list for both DC and Member server.
0x6d69636b
commented
2 months ago CIS Updates:
The new lists are in the dev repo and will be published here with the next update
CIS Benchmark v3.0.1 has been released. The finding lists on Github are still based on V2.0.x. Are there plans to update the lists to V3.0.x?