CIS-CAT Pro: Reduced Network Usage and More Linux Coverage
By: Maureen Kunac, CIS-CAT Pro Product Owner
Our teams work with organizations around the world to understand the challenges they may be facing when implementing cybersecurity best practices. Understanding member experiences when using our tools is the top priority for us. We appreciate the efforts our volunteers and CIS SecureSuite Members dedicate to our community activities and product owner conversations. Together, we can do so much!
CIS SecureSuite Members are receiving an update to CIS-CAT Pro Dashboard v1.1.9 and Assessor v4.0.12. Read on to learn more about the newest version.
Reduced network usage
CIS-CAT Pro Dashboard has the ability to automatically import assessment results from CIS-CAT Pro Assessor. With proper authentication between CIS-CAT Pro Assessor and CIS-CAT Pro Dashboard, configuration or vulnerability reports will be available for analysis in CIS-CAT Pro Dashboard upon completion. Vulnerability assessment result files can exceed 50 MB per file while configuration assessment result files can be as large as 12 MB per file. Depending on how you are using CIS-CAT Pro Assessor, this could result in high network bandwidth usage during the time the reports are transferred from Assessor to Dashboard.
To help reduce the amount of bandwidth used and avoid some import errors, we’ve added an option to CIS-CAT Pro Assessor v4’s properties file that will compress XML result files on import to CIS-CAT Pro Dashboard v1.1.9+. The compression will only apply to reports that are configured to automatically “POST” to CIS-CAT Pro Dashboard using the API via the properties file, centralized scripts or on the command line.
With the update, the above property will default to false. This allows time for your organization to test the new feature and upgrade CIS-CAT Pro Dashboard to v1.1.9 to coordinate with the latest option. CIS-CAT Pro Dashboard will continue to support result files that are not compressed.
TIP: CIS SecureSuite Members must upgrade to CIS-CAT Pro Dashboard v1.1.9 to utilize this feature with CIS-CAT Pro Assessor v4.0.12. The option inside assessor-cli.properties file will be defaulted . to false. Change it to true if you would like result XML files compressed during the import process.
By utilizing this option, expect to experience a 94% decrease in the size of vulnerability and configuration assessment result files that are sent to CIS-CAT Pro Dashboard via a “POST” request! This could mean a drop in network bandwidth usage, depending on how CIS-CAT Pro is utilized in your environment and how many reports are sent simultaneously from Assessor to Dashboard.
Organizations may also experience fewer errors on upload to CIS-CAT Pro Dashboard due to file size limits configured in Tomcat.
New Benchmark Coverage for Aliyun Linux
We’ve added more CIS Benchmark coverage to CIS-CAT Pro Assessor v4.0.12. The latest edition of CIS-CAT Pro Assessor includes the CIS Benchmark for Aliyun Linux 2 v1.0.0. This CIS Benchmark provides prescriptive guidance for establishing a secure configuration posture for Aliyun Linux 2 systems. Some examples of hardening this type of environment include disabling unnecessary ports, setting administrative controls, and enabling adequate log storage.
An ever-growing CIS-CAT Pro community
CIS is deeply thankful for our volunteers, partners, and CIS SecureSuite Members who work together to improve configuration security for everyone. By providing feedback on best practices, testing new software builds, and more, our communities are continuously helping us improve and grow. We couldn’t do it without you!
CIS SecureSuite Members can download the latest updates to CIS-CAT Pro Assessor and Dashboard by logging in to CIS WorkBench. Don’t forget to check the CIS-CAT Pro Dashboard Change Log and CIS-CAT Pro Assessor Change Log for all the update details!
Want to share your endpoint configuration challenges with a CIS-CAT Pro team member? We love hearing real-world experiences and challenges! Reach out to us at [email protected].