Skip to content

N1-gHT/SCA_Wazuh

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cis_debian_12.yml
cis_debian_12.yml
 
 

Repository files navigation

SCA_Wazuh

Wazuh ruleset is used to détect configuration problem, application errors, system anomalies or security policy violation. This ruleset is following the CIS BenchMark recommandation. \

Directory Structure

|--- wazuh/ruleset
|   |--- sca
|   |--- README.md

Web references

Update to come

This is a two-phase project: the first phase involves writing all the rules, and the second phase involves testing and correcting errors.

Currently in phase 1.

Template to use :

X.X.X.X Title of the rule. (Automated|Manual)
    - id: id_rule
    title: "title of the rule"
    description: "description of the rule "
    rationale: " why is this rule is important"
    remediation: "remediation to valide the rule"
    level: "level of the cis rule"
    references:
      - ""
    compliance:
      - cis: [""]
      - others: [""] 
    condition: all|any
    rules:
      use "" (button 3 for special caracter on azerty)
      use '' (button 4 for special caracter on azerty) when you want to do a commande (ex 'c:findmnt -kn /home -> r:^\s*/home\s')

About

Update version of the SCA rule from Wazuh for Debian 12

github.com/wazuh/wazuh/tree/main

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published