fleet Support for Linux CIS Benchmarks

This is a placeholder ticket for adding Linux CIS Benchmarks support (policies generation)

Jun 06 '24 19:06 dherder

Thanks for tracking this @dherder!

Which Linux Benchmarks is the prospect looking for?

Here's how I found all Linux CIS Benchmarks: I searched "Linux" in the CIS WorkBench tool (where all published benchmarks are listed): https://workbench.cisecurity.org/benchmarks?q=linux&status=&sortBy=title&type=asc

There's 181 results/benchmarks...

Jun 07 '24 14:06 noahtalerman

@noahtalerman I'll find out.

Jun 07 '24 19:06 dherder

@noahtalerman - the request from prospect-nuptel is for Rocky 9, Ubuntu 22.04, 24.04 coverage.

Jun 10 '24 13:06 dherder

prospect-oaxaca requires support for SUSE (CrayOS) and RHEL distros

Sep 25 '24 19:09 dherder

@dherder Can you add a gong link about the fold? We can make this issue about one particular customer request to start cc @noahtalerman @lukeheath @alexmitchelliii

EDIT: Sorry, I meant re: who this request is coming from

Oct 03 '24 20:10 mikermcneil

Community interest in Ubuntu and RHEL: LinkedIn article

Oct 19 '24 00:10 allenhouchins

Hey @dherder I pulled this request off of feature fest b/c it doesn't meet the criteria for prioritization: https://github.com/fleetdm/fleet/pull/23184/files#diff-c99d12c3af50c0c2aca2b9ef7597c02ccfe87678291956ff0b2e83d63978ea38R370

Oct 24 '24 17:10 noahtalerman

@noahtalerman We could start with a subset based on what people think is the most important -- e.g. "Linux top 200 (from CIS)" based on what customers and users care about most. So if we prioritize what we're hearing from folks like Oscar T and @carljbai and any contributions people make

Nov 27 '24 21:11 mikermcneil

Coming soon: https://www.linkedin.com/feed/update/urn:li:share:7346404735349833733/

Jul 04 '25 11:07 mikermcneil