This website uses cookies essential to its operation, for analytics, and for personalized content. By continuing to browse this site, you acknowledge the use of cookies.
For details on cookie usage on our site, read our Privacy Policy
Accept
Reject

CIS Benchmark Quick Assess

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

CIS Benchmark Quick Assess

scotchoaf
L4 Transporter

‎03-22-2021 08:52 AM - edited ‎03-22-2021 08:53 AM

100% helpful (2/2)

 

Brief Description

This quickplay solution provides a rapid API-based CIS benchmark assessment of the Palo Alto Networks NGFW

 

Video coming soon...

 

Prerequisites

Playing this solution requires:

  • panhandler 4.3 or later
  • API access to the NGFW

 

Solution Details

Documentation: https://github.com/PaloAltoNetworks/cis-benchmarks

Github Location: https://github.com/PaloAltoNetworks/cis-benchmarks.git

Github Branches: main

Product Versions Supported: PAN-OS 9.0/9.1 based on the benchmark version support

 

Full Description

The CIS benchmark v9.0.0 provides a description, rationale, audit, and remediation steps for a multitude of NGFW configuration benchmarks. Manually assessing the complete set of benchmarks can be highly time consuming.

 

This quickplay allows the user to leverage the NGFW API to query configuration and system state information, assess the various benchmarks, and then present the user with an online report showing pass/fail conditions. Not intended for an official audit, the quick preview allows for remediations ahead of a full audit or to provide periodic checks.

 

Note: This CIS quickplay does not replace a recommended Palo Alto Networks Best Practice Assessment (BPA). For more information, please visit the BPA Live Community

 

Report Results

The output report provides a complete set of contextual information based on the CIS benchmark document:

 

  • summary of total test with pass/fail/action required counts
  • each benchmark grouped by section as found in the report
  • Level and Scored attributes for each benchmark
  • documentation links for each benchmark to assist with manual remediation steps
  • contextual pop-up insights showing why a benchmark failed

 

CIS report.png

 

 

The Action Required Result

Some of the benchmark results are flagged as 'action required'. This denotes one of two outcomes:

 

  • The test hasn't been implemented due to technical limitations such as 'off-box' benchmarks or volumetric type checks that are deployment specific
  • The test hasn't been implemented and is marked as a 'roadmap item' for a future release

 

 

 

Rate this article:
(1)
Comments
LTomkinson
L0 Member
‎05-04-2023 07:58 AM

This is awesome! Exactly what a customer wants - Do you by any chance have an updated version of the CIS Benchmark?

scotchoaf
L4 Transporter
‎05-04-2023 08:42 AM

Hi. thank you for the feedback. Unfortunately we had to shift priorities away from this project and moved it to the archive. There are no planned updates. 

Register or Sign-in
Contributors
Labels
Article Dashboard
Version history
Last Updated:
‎03-22-2021 08:53 AM
Updated by:
LEGAL NOTICES
RESOURCES
Copyright 2007 - 2023 - Palo Alto Networks