Setting up CIS policies for SCA

Using the SCA app? To perform security configuration assessment against your assets, you'll need to import and build policies, based on the latest CIS benchmarks.

Our Import CIS Policy workflow walks you thru the steps quickly

1) Choose CIS policy from our library - Go to Policies and select New > Import CIS Policy. Our out of box policies are based on the latest CIS benchmarks.

Import CIS policy


You'll see details about the policy in the policy editor.

View CIS policy in policy editor


2) Customize policy content (optional) - double click a section title to view controls within this section and take actions.

> Click Activate/Inactivate to toggle the control status. When a control is Inactive it is not included in policy processing, and it will not be displayed in reports.

> Click the Edit link (or double click the row) to view the control scan parameters (i.e. evaluation logic), status, reference number and edit if you like (and click Save).

View controls in CIS policy and take actions like Edit and Inactivate

3) Assign assets to check compliance against - you can choose asset tags or asset groups. Click Edit to choose assets.

Assign assets to CIS policy


Edit policy assets. Click Add Tag, choose tags to include click Save.

How do I add tags? Choose AssetView from the app picker and go to the Tags section.

Add tags to CIS policy