GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → techservicesillinois → SecOps-Powershell-CISDSC

techservicesillinois / SecOps-Powershell-CISDSC

Licence: MIT license
Powershell DSC resources for CIS benchmarks

Programming Languages

powershell
5483 projects

CISDSC Pester Tests CISDSCResourceGeneration Pester Tests ScriptAnalyzer

What is This?

This project is designed to deliver CIS security benchmarks in PowerShell DSC via the included CISDSC module. Note that CIS benchmarks are designed for domain joined machines meaning stand-alone/workgroup machines are not supported. If applied to a stand-alone machine any remoting capabilities will break without proper exclusions and may have other unknown side effects.

It also contains a module to assist in the creation of these resources via CISDSCResourceGeneration which is a heavily modified fork of Microsoft's BaselineManagement module.

What is PowerShell DSC?

PowerShell DSC is a configuration management framework built into Windows 7+ powered by PowerShell. The below video gives a high level explanation of the framework.

What is PowerShell DSC (Desired State Configuration)?
Credit to "Eye on Tech" for the great explanation video

PowerShell DSC resources like the ones offered here can be utilized within other configuration management platforms as well. Making this an easy solution regardless of your platform of choice. However the majority of these platforms do not currently support composite resources so generic PowerShell script options may be required vs native DSC support. This is an issue with the PSDesiredStateConfiguration module that is not currently open source.

More detailed information can be found in the getting started with DSC document

How do I install it?

The actual DSC resources should be installed via the CISDSC module's PSGallery page.

# This will install on the local machine
Install-Module -Name 'CISDSC'

# This will download a copy of the module and its dependencies to the specified location
Save-Module -Name 'CISDSC' -Path 'Replace Me'

You can be notified of new releases by following the notifications documentation.

The process of customizing these resources for your environment is outlined in customization.

How do I use it?

After installing the module and dependencies, find example scripts applicable to your build, modify as needed, and run. These scripts can also be run through system deployment tools like MECM.

How can I contribute?

Contribution information can be found in the contributions documentation. Any community engagement is subject to the code of conduct.

Found a bug or a vulnerability?

Disclosure details can be found in the security documentation.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].