Is there a way to add your own “folders” to a policy? I’m not sure if that’s the proper term for what I’m talking about, but for instance, if I clone and edit “CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark Level 2 - Member Server” I see 6 folders in a tree type hierarchy.
-
- Account Policies
-
- Local Policies
-
- Windows Firewall With Advanced Security
-
- [etc]
Each of these might contain sub-folders. In my example, “1. Account Policies” contains “1.1. Password Policy” and “1.2. Account Lockout Policy”.
So my goal is to add to this policy, I want to check if certain software is installed property (e.g. antivirus), so I can add a registry check to look for the correct registry keys, and then a service check to make sure the service is running, and a file check to make sure the configuration XML file is present. I want to group all of these into their own folder/subfolders. I may want to create something like:
-
- Software Check
- 20.1. Antivirus
- 20.2. EDR Solution
etc. This way I don’t have a bunch of loose policies floating around under the top level “Policy Rules” folder. I want to organize things, but I don’t see any way of doing this.
Sorry for the long example or if I’m missing something obvious. Does anyone know how to create folders like this, and then move rules into them?