
Hello All,

 

I have been attempting to implement a level one CIS Benchmark and I haven't figured it out just yet. Any advice would be great. Also, I have stumbled across a script that was made for Big Sur; has anyone adjusted this script to work for Monterey?

https://github.com/gocardless/CIS-for-macOS-BigSur-CP 

 

Thank you in advance!!

Hey there! First, I would look at the macOS Security Compliance project. It's updated regularly, open source, and suggested by Apple (and Jamf). There is even a CIS variant available from Mischa van der Bent. I have not used this one but it's a great starting point.

However, if you're looking for a "simpler" approach, check out this CIS Script that Mischa also wrote. It's inspired by the Jamf professional services script and it provides nice reports.


Looks like the macOS Security Compliance Project finally added CIS although I haven't tried implementing it yet.


@jmahlman did you apply Mischa's CIS Benchmark one? I am trying to test that one. Can you or anyone please share the workflow with me? I already followed the steps from his GitHub but I think I need help.


I applied using the MSCP CIS guidance. I'm not using Mischa's approach right now. 

I made some EAs to collect data from the audit files to know when to remediate.

This one will give a list of findings:

```zsh
#!/bin/zsh
# cis v2 - Audit List
# Print the mSCP audit plist with PlistBuddy and keep only the names of rules
# whose dict shows "finding = true". sed joins each line with the next one (N)
# so the "<rule> = Dict {" line and the "finding = true" line match together.
auditList=$(/usr/libexec/PlistBuddy -c "Print" "/Library/Preferences/org.cislvl2.plist" \
  | sed -nE '{N; s/[[:space:]]*(.*) = Dict.*finding = true.*/\1/p ; D;}')
echo "<result>${auditList}</result>"
```

This will give a number:

```zsh
#!/bin/zsh
# cis v2 - Audit Count
# Count how many rules in the mSCP audit plist are flagged "finding = true".
auditCount=$(/usr/libexec/PlistBuddy -c "Print" /Library/Preferences/org.cis_leidos.audit.plist \
  | grep -c "finding = true")
echo "<result>${auditCount}</result>"
```
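The two EAs above scrape PlistBuddy's text output, which only works while `finding` happens to be the first key printed in each rule dict and which ignores mSCP's `exempt` flag. The following is an added example, not code from this thread or from the mSCP project, that reads the audit plist structurally with Python's `plistlib` and reports both the count and the list, skipping rules you have marked exempt. It assumes the layout the mSCP compliance script writes (one dict per rule with boolean `finding` and `exempt` keys); the embedded plist is a constructed sample, not output from a real Mac, and the default path is a placeholder you would replace with whatever your generated script uses.

```python
#!/usr/bin/env python3
"""Report failing mSCP audit rules from the plist the compliance script writes.

Added example for this thread. Assumes one dict per rule with boolean
'finding' and 'exempt' keys, plus possible non-dict bookkeeping keys at the
top level (e.g. a last-check timestamp). Not mSCP project code.
"""
import plistlib
import sys
from typing import Dict, List

# Constructed sample mirroring the assumed layout; not a real device's output.
# Key order inside the rule dicts varies on purpose, and one rule is exempt.
SAMPLE_AUDIT_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
  <key>os_firewall_enable</key>
  <dict><key>exempt</key><false/><key>finding</key><true/></dict>
  <key>os_gatekeeper_enable</key>
  <dict><key>exempt</key><false/><key>finding</key><false/></dict>
  <key>os_sip_enable</key>
  <dict><key>finding</key><true/><key>exempt</key><false/></dict>
  <key>system_settings_screensaver_timeout_enforce</key>
  <dict><key>exempt</key><true/><key>exempt_reason</key><string>kiosk</string><key>finding</key><true/></dict>
  <key>lastComplianceCheck</key>
  <string>2023-05-01 10:00:00</string>
</dict>
</plist>
"""


def rule_entries(data: bytes) -> Dict[str, dict]:
    """Parse plist bytes and return only the per-rule dicts.

    Non-dict top-level values are skipped, so the report does not depend on
    where bookkeeping keys sit in the file or on PlistBuddy's print order.
    """
    root = plistlib.loads(data)
    return {name: entry for name, entry in root.items() if isinstance(entry, dict)}


def failing_rules(data: bytes, include_exempt: bool = False) -> List[str]:
    """Names of rules with finding == True, sorted for stable EA output.

    Exempt rules are dropped unless include_exempt is set, so an exemption
    you recorded on purpose does not keep triggering remediation.
    """
    failing = []
    for name, entry in sorted(rule_entries(data).items()):
        if entry.get("finding") is not True:
            continue
        if entry.get("exempt") is True and not include_exempt:
            continue
        failing.append(name)
    return failing


def finding_count(data: bytes, include_exempt: bool = False) -> int:
    """Number of non-exempt (or all, if include_exempt) failing rules."""
    return len(failing_rules(data, include_exempt))


def ea_result(value) -> str:
    """Wrap a value the way a Jamf extension attribute expects it."""
    if isinstance(value, list):
        value = "\n".join(value) if value else "none"
    return f"<result>{value}</result>"


def main(argv: List[str]) -> int:
    # Usage: audit_report.py /Library/Preferences/org.<baseline>.audit.plist
    # (placeholder path; use the one your generated mSCP script writes).
    # With no argument the constructed sample is used so this runs anywhere.
    if len(argv) > 1:
        with open(argv[1], "rb") as fh:
            data = fh.read()
    else:
        data = SAMPLE_AUDIT_PLIST
    print(ea_result(finding_count(data)))
    print(ea_result(failing_rules(data)))
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Two practical notes: macOS 12.3 and later no longer ship `python3`, so as an EA this needs a managed Python runtime on the Mac (or the same logic ported to `plutil`/PlistBuddy); and splitting "count" from "list" into separate EAs, as in the post above, is still sensible, since a numeric EA is what a smart group can compare against to scope the remediation policy.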