Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/juju4/crowdstrikefalcon-baseline
CrowdStrike Falcon Baseline - InSpec Profile
https://github.com/juju4/crowdstrikefalcon-baseline
Last synced: 27 days ago
JSON representation
CrowdStrike Falcon Baseline - InSpec Profile
- Host: GitHub
- URL: https://github.com/juju4/crowdstrikefalcon-baseline
- Owner: juju4
- License: bsd-2-clause
- Created: 2022-04-02T17:04:49.000Z (almost 3 years ago)
- Default Branch: master
- Last Pushed: 2022-04-02T17:32:09.000Z (almost 3 years ago)
- Last Synced: 2024-11-07T17:40:52.929Z (3 months ago)
- Language: Ruby
- Size: 17.6 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Crowdstrike Falcon InSpec Profile
Ensure Crowdstrike Falcon is installed, configured and active on Linux, MacOS or Windows system.
```
% inspec exec crowdstrikefalcon-baseline -t ssh://user@hostname
% inspec exec crowdstrikefalcon-baseline -t ssh://user@hostname --sudo
```
## Known issues
* inspec does not provide a per task sudo option outside of calling it for specific command, meaning only the global option can be used to fully evaluate baseline. This is required for file evaluations.
* If not using default ssh key path, you may need to specify it manually
```
% inspec exec crowdstrikefalcon-baseline -t ssh://user@hostname -i /path/to/id_rsa.custom
```
## References
* https://www.crowdstrike.com/falcon-platform/