Case 19.6.6.1.1 is missing severity #19
Comments
As far as I can see this seems okay: The result of the check is 1, which is also the recommendation, therefore Passed is correct. Could you please explain to me what is wrong here?
The results get mixed up: severity is interpreted as passed, because the case input is missing a severity level.
Sorry I don't get it, there is a severity in the list: https://github.com/scipag/HardeningKitty/blob/master/lists/finding_list_cis_microsoft_windows_11_enterprise_21h2_user.csv#L6? Maybe you could give me an example of a false result to help me understand this issue?
Two results of this test: First one, OK -> Severity = Medium. Second result, not OK -> Severity = passed. A severity level of passed should be impossible. Same is found in the logfile, if you choose to create one.
But the result 1 for check 19.6.6.1.1 equals the recommendation 1, so therefore the check is passed. I decided to list all tests, positive and negative, to see what was tested in the first place.
It is about consistency, and if I use the exported report csv, I will have problems because of the missing fields in some rows. Check: "ID","Name","Severity","Result","Recommended" -> 5 fields 😺
Ah, I see: The recommendation value is not part of the output if a test is passed. I'll change this behaviour.
Old: New: New (Log):
OK, but Severity=Passed is still wrong, it should always be LOW, MEDIUM or High? I really wish you had gone the Pester and NUnit Report way ...
It depends on the state/definition of Severity. I use severity here for the result of the test, but - if I understand you correctly - you'd like to have the information about what the severity of the check itself is? Would two rows help (severity result, severity check)?
If I export the data and use it elsewhere, I like to explain the data, color all failed high tests red and discuss them to be solved first etc.
Gotcha! My requirement is to have a severity with {Passed, Low, Medium...}, however I can add a result_test = {Passed, Failed} and a severity_finding {Low, Medium, High, Critical} to the output, log, and report. What do you think?
Yes, please. This way the two pieces of information are unique and don't get mixed up, thanx.
I updated the format of the report file in a new commit in the development repo: 0x6d69636b/windows_hardening@9166ed8
Looks good, thx.
invoke-hardeningKitty .\lists\finding_list_cis_microsoft_windows_11_enterprise_21h2_user.csv -EmojiSupport -Mode Audit
Output:
[*] 8/6/2022 9:25:35 AM - Starting Category Administrative Templates: System
[😺] ID 19.6.6.1.1, Internet Communication Management: Internet Communication Settings: Turn off Help Experience Improvement Program, Result=1, Severity=Passed
Log:
"19.6.6.1.1","Internet Communication Management: Internet Communication Settings: Turn off Help Experience Improvement Program","Passed","1"
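The consistency problem discussed in this thread can be caught before a report is used elsewhere. The following is an added example, not HardeningKitty's own code: a Python check that flags rows whose field count differs from the five-field header quoted above and rows whose Severity is not one of the finding severities proposed in the thread. The function name, the constructed IDs `0.0.0.1` and `0.0.0.2`, and the assumption that the report starts with that header line are illustrative.

```python
import csv
import io

# Header as quoted in the thread; the severity set is the finding severity
# proposed there (an assumption about what a consumer wants to enforce).
EXPECTED_HEADER = ["ID", "Name", "Severity", "Result", "Recommended"]
FINDING_SEVERITIES = {"Low", "Medium", "High", "Critical"}


def validate_report(text, allowed_severities=FINDING_SEVERITIES):
    """Return (line_number, id, problem) tuples for rows a consumer cannot trust."""
    problems = []
    reader = csv.reader(io.StringIO(text))
    header = next(reader, None)
    if header != EXPECTED_HEADER:
        return [(1, None, f"unexpected header: {header!r}")]
    for row in reader:
        if not row:
            continue  # ignore blank lines
        line_no = reader.line_num
        row_id = row[0]
        if len(row) != len(header):
            problems.append(
                (line_no, row_id, f"{len(row)} fields, expected {len(header)}"))
            continue  # columns cannot be mapped reliably, skip value checks
        record = dict(zip(header, row))
        if record["Severity"] not in allowed_severities:
            problems.append(
                (line_no, row_id,
                 f"Severity={record['Severity']!r} is not a severity level"))
    return problems


# Constructed sample: lines 2 and 4 are made up, line 3 is the log line
# from the issue (four fields, no recommended value).
SAMPLE_REPORT = '''"ID","Name","Severity","Result","Recommended"
"0.0.0.1","Constructed failing check","Medium","0","1"
"19.6.6.1.1","Internet Communication Management: Internet Communication Settings: Turn off Help Experience Improvement Program","Passed","1"
"0.0.0.2","Constructed passing check","Passed","1","1"
'''

if __name__ == "__main__":
    for line_no, row_id, problem in validate_report(SAMPLE_REPORT):
        print(f"line {line_no}: ID {row_id}: {problem}")
```

To accept `Passed` in the Severity column, as the maintainer's original format does, pass a set that includes it as `allowed_severities`.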