cloudbeat

Add CIS benchmarks Severity

Open opauloh opened this issue 1 year ago • 1 comments

Motivation

In the Alerts Epic we are introducing severity for CIS benchmark rules. The severity is initially planned to be used to create a Detection Rule.

The severity mapping for each rule was added here by @tinnytintin10, and I think it's a good candidate to be added to this repository.

Definition of done

What needs to be completed at the end of this task

  • [ ] All benchmark rules listed here will have their severity fields in the respective data.yml file
  • [ ] The severity will also be added to the integrations repository to be consumed by Kibana.
  • [ ] Update the csp rule assets based on the updated rules data.yml (use the script)

Out of scope

Default severity for rules not listed in the Spreadsheet.

Related tasks/epics

  • https://github.com/elastic/security-team/issues/4165

opauloh, Jul 25 '23 19:07

@tinnytintin10 - is severity a priority for 8.11?

tehilashn, Aug 07 '23 11:08