Good morning, everyone! I'm looking for recommendations on open-source tools that could help with baseline analysis based on the CIS benchmark for Windows. Just to clarify, I'm specifically not interested in using CIS CAT LITE or CIS CAT PRO. Any other suggestions?
3 Answers
You mentioned you don't want to use CIS CAT, but I'm curious—what's the reasoning behind that? If you have specific requirements that rule out their tools, sharing them might lead to better alternatives. Also, some people I know have had success using the Microsoft Security Compliance Toolkit and Defender for analysis, which could be worth checking out!
Have you looked into Greenbone OpenVAS? They provide CIS benchmarking features, but keep in mind that you need the Enterprise feed for that, which isn't free. You might also explore Wazuh SCA; I heard they have some useful capabilities for CIS compliance assessment!
If you're committed to CIS standards, you're likely going to need to invest in a CIS membership to access their full suite of tools. Just a heads up if you want to stick strictly to their guidelines!
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures