CIS-CAT Version Update issue

[Raja Adeel]

Hello Wazuh Community ,

                            I hope this email finds you well. I am writing to seek assistance regarding an issue I am encountering while trying to update the CIS-CAT version in WAZUH, As a dedicated user of CIS-CAT, I believe your expertise could help me overcome this challenge.

i am facing issue while updating ,Could you kindly provide guidance on how to overcome this update issue? If possible, could you outline the steps I should take to diagnose and address this issue effectively? Additionally, if there are any specific prerequisites or considerations required

[Francis Timilehin Jeremiah]

Hi,Wazuh no longer maintains CIS CAT and it is going to be depreciated completely.Our recommendation would be to migrate to the SCA module , as the open source alternative for CIS CAT, that  is fully maintained by us. The purpose of the SCA is to provide the user with the best possible experience when performing scans about hardening and configuration policies. Here you can see key features of it:

• The last state of each scanned check of every policy is stored in the manager and can be consulted by the SCA tab in the Wazuh App.
• To avoid alert flooding and repeated alerts in each scan. Now, only state changes and new checks are alerted, being those states updated in the manager database.
• CIS policies are based on CIS benchmarks.

As an additional feature, you also will be able to create your own custom SCA rules. By default, the Wazuh agent will run scans for every policy (.yaml or .yml files) present in their ruleset folder: /var/ossec/ruleset/scaFor more details I would recommend you to check these links:

• https://documentation.wazuh.com/current/user-manual/capabilities/sec-config-assessment/index.html
• https://wazuh.com/blog/security-configuration-assessment/