Hi everyone,
I’ve been searching for relevant information on conducting a Rapid7 CIS policy scan for SQL Server but haven’t found anything useful, except this short post from R7:
Database scanning credential requirements | InsightVM Documentation
I’m attempting to run a successful scan on a SQL Server host. While I can authenticate with the Windows domain account on the host itself, I’m facing issues with the SQL DB authentication. The second domain account, which has read privileges to all databases within SQL Server, fails to authenticate.
Has anyone successfully assessed SQL Server for CIS Policies? Any insights or guidance would be greatly appreciated.