Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Verbose Security info #8

Open
YamatoSecurity opened this issue Mar 8, 2025 · 0 comments
Open

Verbose Security info #8

YamatoSecurity opened this issue Mar 8, 2025 · 0 comments
Assignees
@fukusuket
Labels
enhancement New feature or request
Milestone
v1.0.0

Comments

@YamatoSecurity
Copy link
Contributor

It would be nice to have a detailed report on the different Security settings.

Ex:

Account Logon
   - Credential Validation: enabled (3 critical, 4 high, 2 medium, 1 low, 10 info)
      - Volume: Depends on NTLM usage. Could be high on DCs and low on clients and servers.
      - Default settings: Client OS: No Auditing | Server OS: Success
      - Recommended settings: Client and Server OSes: Success and Failure
   - Kerberos Authentication Service: disabled  (5 critical, 10 high, 6 medium, 1 low, 10 info)
      - Note: These events are only generated on domain controllers
      - Volume: High
      - Default settings: Client OS: No Auditing | Server OS: Success
      - Recommended settings: Client OS: No Auditing | Server OS: Success and Failure
etc...

This information is taken from https://github.com/Yamato-Security/EnableWindowsLogSettings/blob/main/ConfiguringSecurityLogAuditPolicies.md with the number of rules being dynamically generated.
@YamatoSecurity YamatoSecurity added the enhancement New feature or request label Mar 8, 2025
@YamatoSecurity YamatoSecurity added this to the v1.0.0 milestone Mar 8, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fukusuket fukusuket

Labels
enhancement New feature or request
Projects
None yet
Milestone
v1.0.0
Development

No branches or pull requests
2 participants
@fukusuket @YamatoSecurity