Using the SCA app? To perform security configuration assessment against your assets, you'll need to import and build policies, based on the latest CIS benchmarks.
1) Choose CIS policy from our library - Go to Policies and select New > Import CIS Policy. Our out of box policies are based on the latest CIS benchmarks.
You'll see details about the policy in the policy editor.
2) Customize policy content (optional) - double click a section title to view controls within this section and take actions.
> Click Activate/Inactivate to toggle the control status. When a control is Inactive it is not included in policy processing, and it will not be displayed in reports.
> Click the Edit link (or double click the row) to view the control scan parameters (i.e. evaluation logic), status, reference number and edit if you like (and click Save).
3) Assign assets to check compliance against - you can choose asset tags or asset groups. Click Edit to choose assets.
Edit policy assets. Click Add Tag, choose tags to include click Save.
How do I add tags? Choose AssetView from the app picker and go to the Tags section.