wazuh-ruleset icon indicating copy to clipboard operation
wazuh-ruleset copied to clipboard

Published 20 hours ago verified publisher icon wazuh

SCA policies improvements

Open chemamartinez opened this issue 5 years ago • 0 comments

Hi team,

New iterations are needed for continuously improving SCA policies. Here is a summary of the tasks ahead for them.

General tasks

The following tasks are general for each OS and imply changes in the SCA core.

  • [ ] Map the SCA policies for compliance (e.g. PCI DSS, HIPAA, NIST 800 53)

  • [ ] Create profiles to be able to split policies while scanning.

  • [ ] Unify policies: it should only exist one policy for each OS.

  • [ ] Version the policies

Create new policies

Cloud services

  • [ ] Benchmark for Amazon Web Services

  • [ ] Benchmark for Microsoft Azure Foundations

  • [ ] Benchmark for Google Cloud Platform Foundations

Virtualization

  • [ ] Docker

  • [ ] VMWare

  • [ ] Kubernetes

OS

  • [ ] For available policies, develop missing checks

  • [ ] Policies for missing OS

chemamartinez avatar Sep 09 '19 13:09 chemamartinez