How many CIS compliance reports are you using?
We are using 6 compliance reports.
RHEL7.x, 8.x, 9.x
Windows 2016, 2019, 2022
All XML templates have been adapted to our internal needs.
Hi Domenico,
Thanks for the feedback and welcome to the community!
I have a few follow-up questions if you don’t mind:
- Do you have any other device types that you aren’t covering with compliance reports? If so, why not?
- Without sharing specifics, what type of adaptations did you make to the reports?
James
Hi James, I do not cover all device types mainly because
- modifying templates manually is time-consuming and is annoying, irritating -> “PITA”
- Some benchmarks are still not available, like Red Hat OpenShift
I mainly use the Level 1 compliance template for servers. Sometimes I change the value that shall be checked, or I delete the requirement because it cannot be validated or the check does not work correctly.
ex: crond is not used, as from RHEL 9.x chrony is mainly used.
BTW, we set our compliance pass mark at 80%, as reaching 100% is impossible due to business and technical constraints.
Regards