This project is designed to deliver CIS security benchmarks in PowerShell DSC via the included CISDSC module. Note that CIS benchmarks are designed for domain joined machines meaning stand-alone/workgroup machines are not supported. If applied to a stand-alone machine any remoting capabilities will break without proper exclusions and may have other unknown side effects.
It also contains a module to assist in the creation of these resources via CISDSCResourceGeneration which is a heavily modified fork of Microsoft's BaselineManagement module.
PowerShell DSC is a configuration management framework built into Windows 7+ powered by PowerShell. The below video gives a high level explanation of the framework.
What is PowerShell DSC (Desired State Configuration)?
Credit to "Eye on Tech" for the great explanation video
PowerShell DSC resources like the ones offered here can be utilized within other configuration management platforms as well. Making this an easy solution regardless of your platform of choice. However the majority of these platforms do not currently support composite resources so generic PowerShell script options may be required vs native DSC support. This is an issue with the PSDesiredStateConfiguration module that is not currently open source.
More detailed information can be found in the getting started with DSC document
The actual DSC resources should be installed via the CISDSC module's PSGallery page.
# This will install on the local machine
Install-Module -Name 'CISDSC'
# This will download a copy of the module and its dependencies to the specified location
Save-Module -Name 'CISDSC' -Path 'Replace Me'You can be notified of new releases by following the notifications documentation.
The process of customizing these resources for your environment is outlined in customization.
Contribution information can be found in the contributions documentation. Any community engagement is subject to the code of conduct.
Disclosure details can be found in the security documentation.