[CIS Azure] Virtual Machines rules #1258

@jeniawhite
Contributor

jeniawhite commented Aug 21, 2023

We would like to implement the following rules:

  • 7.1 Ensure an Azure Bastion Host Exists
  • 7.2 Ensure Virtual Machines are utilizing Managed Disks
  • 7.3 Ensure that 'OS and Data' disks are encrypted with Customer Managed Key (CMK)
  • 7.4 Ensure that 'Unattached disks' are encrypted with 'Customer Managed Key' (CMK)
@jeniawhite jeniawhite changed the title Virtual Machines [CIS Azure] Virtual Machines rules Aug 21, 2023
@jeniawhite jeniawhite added Team:Cloud Security Cloud Security team related CIS Azure labels Aug 21, 2023
@orestisfl orestisfl self-assigned this Oct 2, 2023
@orestisfl orestisfl mentioned this issue Oct 3, 2023
2 tasks
@orestisfl orestisfl reopened this Oct 3, 2023
@jeniawhite
Contributor Author

jeniawhite commented Oct 24, 2023

7.1 (Fail not passing due to bastion resource pull when it is deleted)
Pass
Screenshot 2023-10-24 at 12 07 22

Fail
No evaluation at all, I assume that this is due to the fact that no bastions were sent to the OPA layer.
This creates a problem because we should evaluate with failure and we do not evaluate at all.

7.2
Pass
Screenshot 2023-10-24 at 13 03 06

Fail
Screenshot 2023-10-24 at 15 29 34

7.3
Pass
Screenshot 2023-10-24 at 15 35 58

Fail
Screenshot 2023-10-24 at 12 26 05

7.4
Pass
Screenshot 2023-10-24 at 15 36 53

Fail
Screenshot 2023-10-24 at 12 57 46

@orestisfl orestisfl removed the verified label for fixed and retested issues label Oct 25, 2023
@orestisfl
Contributor

@kfirpeled Please only verify the 7.1 rule

@maxcold
Contributor

maxcold commented Oct 30, 2023

@animehart pls check this one with @jeniawhite

@animehart

Had a chat with @jeniawhite, this will be verified on next BC (BC5)
