This issue is to address that the CIS Critical Security Controls mapping for the SCA checks is outdated and using the old version 6 (nowadays it is on v8).
To give an example:
Has the following CIS CSC mappings:
But in the Wazuh SCA check:
```yaml
- id: 14510
  title: "Ensure 'Interactive logon: Do not require CTRL+ALT+DEL' is set to 'Disabled'"
  description: "This policy setting determines whether users must press CTRL+ALT+DEL before they log on. The recommended state for this setting is: Disabled."
  rationale: "Microsoft developed this feature to make it easier for users with certain types of physical impairments to log on to computers that run Windows. If users are not required to press CTRL+ALT+DEL, they are susceptible to attacks that attempt to intercept their passwords. If CTRL+ALT+DEL is required before logon, user passwords are communicated by means of a trusted path. An attacker could install a Trojan horse program that looks like the standard Windows logon dialog box and capture the user's password. The attacker would then be able to log on to the compromised account with whatever level of privilege that user has."
  remediation: "To establish the recommended configuration via GP, set the following UI path to Disabled: Computer Configuration\\Policies\\Windows Settings\\Security Settings\\Local Policies\\Security Options\\Interactive logon: Do not require CTRL+ALT+DEL"
  compliance:
    - cis_csc: ["8"]
  condition: all
  rules:
    - 'r:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System -> DisableCAD -> 0'
```
Regards.