New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
4.0 SCA new checks and policies #776
Conversation
condition: all | ||
rules: | ||
- 'c:mount -> r:\s/var/tmp\s && r:noexec' | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The space between the checks is different in many points, it would be good to define the same space in all policies
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Working on a script to easily fix this on all the policy files.
4.0 SCA - RHEL & CentOS 7 Fix
This PR greatly enhances the amount of SCA checks for various applications and operating systems and assigns new unique IDs to each check.
Added the following policies entirely:
Added checks to the following policies:
This PR also fixes typos both in the description and in the policies themselves that would break previously existing policies.
Each one of these files has been individually tested to work as expected on their relevant environment with the latest Wazuh agent.