OSCAT: A Comprehensive Tool for Automated CIS Benchmark Auditing

Abstract

Servers play a crucial role in modern digital infrastructure, but misconfiguration in their settings causes security gaps that can potentially lead to serious threats such as data leakage and service disruptions. The Center for Internet Security (CIS) has developed benchmark standards to improve server security, but the manual audit process for server configurations is often time-consuming and prone to human error. This study aims to develop and evaluate the One Stop CIS-Benchmark Auditing Tool (OSCAT), a CIS Benchmark-based server configuration audit automation tool. The research method used is an experimental approach with testing on the Red Hat Enterprise Linux 7 (RHEL 7) operating system using the CIS Benchmark version 3.1.1 security standard. OSCAT is designed with an architecture consisting of Audit Files, Audit Engine, Output Processor, Report Generator. Testing was carried out by auditing 248 security controls and comparing the results with a manual audit to assess the effectiveness of OSCAT in improving the efficiency and accuracy of the audit process. The results showed that OSCAT is able to automate the server configuration audit process with a high level of accuracy, reducing manual workload and increasing efficiency in identifying and handling security risks. Of the 248 security controls tested, OSCAT successfully classified the audit results into Pass, Fail, and Manual Review categories, with advantages in speed and consistency over manual methods. The implications of this research show that OSCAT can be an effective solution for organizations to improve the security of their systems through faster and more accurate automated audits.