Automated Cybersecurity Configuration Assessment and Remediation Using CIS Benchmark
摘要
In recent times, digital infrastructures have become vast and complex; it’s essential to keep them safe from emerging cyber threats. Most of the critical digital infrastructure consists of various network and security devices, including routers, switches, and firewalls, along with operating systems like Windows, Ubuntu, etc. Often these devices are configured manually, lacking compliance with industry security best practices such as Center for Internet Security (CIS) Benchmarks. These manual configuration reviews are extremely time-consuming and prone to human errors, making automated solutions vital in this context. In this research, to address these challenges, assessment and remediation solutions using automation of digital assets such as Fortigate firewalls, Windows, and Ubuntu systems have been explored. The solution is a Python-based tool that conducts remote assessment and remediation of configurations against CIS Benchmark by using an intuitive end-user Graphical User Interface (GUI) with user interaction. The Python scripts gather the configuration data from the remote systems, compare that against the standard of CIS, and generate compliance reports. From the GUI, users can perform configuration assessments and choose remediation options for the Fortigate firewalls to edit policies or configuration settings. The system provides meaningful feedback after successful assessment and remediation actions with user-friendly reports, thereby smoothing the compliance process. The automated system working together with the GUI has greatly enhanced the efficiency of configuration assessments by addressing compliance issues with remediation choices while minimizing human error in the process. The centralized approach driven by the GUI presents a solution for upholding security across various systems and has the possibility of further expansions to encompass more devices and real-time monitoring capabilities.