Marius Niculescu
|
043878e345
|
Fixing ASB v2's auditEnsureSystemdJournaldServicePersistsLogMessages and remediateEnsureSystemdJournaldServicePersistsLogMessages (#764)
|
2024-09-17 09:15:39 -07:00 |
Marius Niculescu
|
0b85eadff1
|
Fix for ASB v2's auditEnsureDotDoesNotAppearInRootsPath (#763)
|
2024-09-12 18:25:22 -07:00 |
Marius Niculescu
|
b8429b4655
|
Prevent CheckFileContents cause an invalid reason to fail json_value_init_string and cascade into a false passing audit (#762)
|
2024-09-10 11:03:53 -07:00 |
Marius Niculescu
|
de8c82d462
|
Re-adding the SSH port policy parameter for the SSH and ASB v2 test policies (#761)
|
2024-09-06 20:36:15 -07:00 |
Marius Niculescu
|
d9430bdcb1
|
Disabling the subscription manager plugin for YUM and DNF on RedHat-based distributions for ASB v2's package installed checks (#760)
|
2024-09-05 14:33:27 -07:00 |
Marius Niculescu
|
244024f0ff
|
Add more log tracing for the invoked package managers operations (#759)
|
2024-09-05 11:47:25 -07:00 |
Ahmed Messaoud
|
381d6eea01
|
Fixed pmc bug, added explicit msal auth_type for pmc (#758)
|
2024-08-28 15:04:10 -07:00 |
Marius Niculescu
|
e2bf390384
|
Fixing missed reason for ASB v2's auditEnsurePasswordReuseIsLimited leading to 'audit failure without a reason' (#757)
|
2024-08-16 11:30:19 -07:00 |
Marius Niculescu
|
cf522e87b0
|
Adding the kernel version alongside pretty name to log at start of the ASB v2 run to more precisely identify the OS image ASB is running on (#756)
|
2024-08-15 10:29:00 -07:00 |
Marius Niculescu
|
a60248c59f
|
Ensuring the package managers presence is only checked once per ASB instance run (#755)
|
2024-08-15 08:31:51 -07:00 |
Marius Niculescu
|
5e6f1e7b3e
|
Fixing for ASB v2 default PAM modules location and logrotate.timer expectation for Ubuntu 16.04 and Ubuntu 18.04 (#754)
|
2024-08-12 21:53:41 -07:00 |
Marius Niculescu
|
29716f9667
|
Improving remediateEnsureLockoutForFailedPasswordAttempts, remediateEnsurePasswordCreationRequirements and remediateEnsureCoreDumpsAreRestricted and avoiding duplicating same line multiple times when replacing in a file (#752)
|
2024-07-25 16:52:43 -07:00 |
Marius Niculescu
|
61d2019d07
|
Updating the ASB v2 and SSH Posture Control test policy definitions (#751)
|
2024-07-23 10:29:10 -07:00 |
Marius Niculescu
|
31e2574524
|
Fixing remediateEnsureLockoutForFailedPasswordAttempts (#750)
|
2024-07-22 11:54:00 -07:00 |
Marius Niculescu
|
3eebf4f57d
|
Updating the test policy definitions for ASB v2 and SSH Posture Control (#749)
|
2024-07-17 15:24:44 -07:00 |
Marius Niculescu
|
b759bcd99f
|
Refining the way for ASB v2's remediateEnsurePasswordReuseIsLimited approach (#748)
|
2024-07-17 12:50:33 -07:00 |
Marius Niculescu
|
60db2c0977
|
For ASB v2's remediateEnsurePasswordExpiration ensure that all user passwords have dates of last changes (#747)
|
2024-07-15 15:32:56 -07:00 |
Marius Niculescu
|
bcb4b972a0
|
For ASB v2, adding special case when checking for user password expiration for missing last password change record (#746)
|
2024-07-12 17:25:20 -07:00 |
Marius Niculescu
|
cee86597d7
|
Follow-up stabilization fix for ASB v2's remediateEnsurePasswordExpiration (#745)
|
2024-07-12 14:31:34 -07:00 |
Marius Niculescu
|
23437f7252
|
Fix for ASB v2's remediateEnsureCupsServiceisDisabled and auditEnsureCupsServiceisDisabled plus updated ASB and SSH policy names (#743)
|
2024-07-11 15:35:50 -07:00 |
Marius Niculescu
|
48631075cc
|
Removing unused name GUID from ASB v2 and SSH policy definitions (#742)
|
2024-07-10 15:23:24 -07:00 |
Marius Niculescu
|
5e5a25a8b4
|
Fixes for several ASB v2 remediation and audit checks plus shorter policy package names (#741)
|
2024-07-10 11:52:53 -07:00 |
Marius Niculescu
|
140776a68f
|
Customizing the policy names for Portal to match the policy package names (#740)
|
2024-07-03 16:49:57 -07:00 |
Marius Niculescu
|
d3d5564e61
|
Skipping ARM64 builds temporarily (#739)
|
2024-07-03 13:50:22 -07:00 |
Ahmed Messaoud
|
cdec8a14fb
|
Fixed invalid conditional for "Setup QEMU" action (#738)
|
2024-07-02 16:25:02 -07:00 |
Ahmed Messaoud
|
556226e0f0
|
Run native amd64 containers without QEMU (#737)
|
2024-07-02 15:50:54 -07:00 |
Marius Niculescu
|
1bc8dee8e7
|
Optimizing the Configuration module for the new IotHubManagementEnabled setting and more (#736)
|
2024-07-02 11:41:14 -07:00 |
Ahmed Messaoud
|
c2c9a89bc7
|
Fixed upload-artifact to use v4 (#735)
|
2024-06-28 14:25:16 -07:00 |
Marius Niculescu
|
35c689b071
|
Making IoT Hub management optional by default and configurable in favor of RC/DC channel (#733)
|
2024-06-27 16:56:51 -07:00 |
Ahmed Messaoud
|
e16a6c68b3
|
Fixed signing and updated debian-10 base image (#734)
|
2024-06-27 16:28:07 -07:00 |
Marius Niculescu
|
cb259f69c1
|
Fixing situation when RC/DC watcher fails to apply configuration from fresh DC file (#732)
|
2024-06-25 15:19:17 -07:00 |
Marius Niculescu
|
af0326bc73
|
Stabilizing ASB v2's auditEnsureZeroconfNetworkingIsDisabled and remediateEnsureZeroconfNetworkingIsDisabled (#731)
|
2024-06-24 11:00:50 -07:00 |
Marius Niculescu
|
8b179cc2fb
|
Continued stabilization for ASB v2 (auditEnsurePermissionsOnEtcPasswdDash and more) (#730)
|
2024-06-21 14:34:04 -07:00 |
Marius Niculescu
|
f234891d09
|
Stabilizing ASB v2's auditEnsureSyslogRotaterServiceIsEnabled and remediateEnsureSyslogRotaterServiceIsEnabled (#729)
|
2024-06-19 18:26:43 -07:00 |
Marius Niculescu
|
cd68ccb502
|
Stabilizing ASB v2's auditEnsureRemoteLoginWarningBannerIsConfigured and remediateEnsureRemoteLoginWarningBannerIsConfigured (#728)
|
2024-06-19 16:03:03 -07:00 |
Marius Niculescu
|
6b46ac4ab4
|
Stabilizing ASB v2's auditEnsureAuditdInstalled and remediateEnsureAuditdInstalled (#727)
|
2024-06-19 13:05:01 -07:00 |
Marius Niculescu
|
ef1df6e73d
|
Stabilizing ASB v2's auditEnsureLoggingIsConfigured and remediateEnsureLoggingIsConfigured (#726)
|
2024-06-18 15:31:11 -07:00 |
Marius Niculescu
|
afe605d98c
|
Stabilizing ASB v2's auditEnsurePasswordCreationRequirements and remediateEnsurePasswordCreationRequirements (#725)
|
2024-06-18 12:58:11 -07:00 |
Marius Niculescu
|
0aea987b44
|
Stabilize ASB v2' auditEnsurePortmapServiceIsDisabled and remediateEnsurePortmapServiceIsDisabled and more (#723)
|
2024-06-18 08:50:09 -07:00 |
Ahmed Messaoud
|
3c9eefd37d
|
Update to use new test-reporter on ci (#724)
|
2024-06-17 17:57:51 -07:00 |
Marius Niculescu
|
cfb557c79f
|
Stabilization for ASB v2's auditEnsurePermissionsOnBootloaderConfig and remediateEnsurePermissionsOnBootloaderConfig (#722)
|
2024-06-17 11:45:38 -07:00 |
Marius Niculescu
|
530e9dd70e
|
Stabilizing ASB v2's auditEnsureUnnecessaryAccountsAreRemoved and remediateEnsureUnnecessaryAccountsAreRemoved (#721)
|
2024-06-17 09:53:31 -07:00 |
Marius Niculescu
|
240ca531f8
|
Adding to CI the Security Baseline module test and disabling from build and test unnecessary modules (#720)
|
2024-06-14 16:27:32 -07:00 |
Marius Niculescu
|
ba9a3ce357
|
Making the MIM test recipe for Security Baseline module test in full ASB v2, including confirming audits passing (#718)
|
2024-06-13 15:39:58 -07:00 |
Marius Niculescu
|
bf8da105ea
|
Continued stabilization for ASB v2 audit and remediation and the CI test automation (#717)
|
2024-06-12 14:49:04 -07:00 |
Marius Niculescu
|
d16fcc6cad
|
Continued stabilization for ASB v2: AuditEnsureCronServiceIsEnabled
|
2024-06-07 13:28:52 -07:00 |
Ahmed Messaoud
|
6cb96140bc
|
Updated upload/download artifact to v4 - Changed test reporting action (#701)
Co-authored-by: Marius Niculescu (MariusNi) <mariusni@microsoft.com>
|
2024-06-07 11:23:34 -07:00 |
Marius Niculescu
|
bc9bcc74c5
|
Allowing read access to the NRP logs under /var/log (#715)
|
2024-06-07 10:35:10 -07:00 |
Marius Niculescu
|
a42a795a6e
|
Stabilizing the ASB v2 RemediateEnsurePortmapServiceIsDisabled check (#714)
|
2024-06-06 21:39:41 -07:00 |
Marius Niculescu
|
eb4078a755
|
Work in progress (#713)
|
2024-06-06 16:08:24 -07:00 |