What is an Issue?
In Runecast, an Issue represents a discovered problematic combination of infrastructure values such as configuration settings, log patterns, software and hardware type and versions, etc. The discovered combination of values is considered problematic based on information from various sources including vulnerabilities, industry best practices and security compliance profiles.
Configuration issue
A configuration issue in Runecast has the following properties:
| Property | Description | Issue type |
|---|---|---|
| Severity | This grades the estimated criticality of the issue based on its general impact and importance. Depending on the specifics of your environment, it is possible that certain issues may have a different importance than the suggested severity. | All issues |
| Profile | Profile code, indicating to which knowledge profile the issue belongs to. | All issues |
| Title | A short description of the issue. | All issues |
| Products | Products supported by Runecast. Refer to the Supported Systems section for details about the supported systems. | All issues |
| Affects | The infrastructure quality the issue affects – Availability, Manageability, Performance, Recoverability, Security. | All issues |
| Layer | The infrastructure layer the issue affects – Compute, Network, Storage, VM, Management. | All issues |
| Failing | The number of infrastructure objects affected by this issue. | All issues |
| Passing | The number of applicable infrastructure objects not affected by this issue. | All issues |
| Unanswered | The number of applicable infrastructure objects for this issue awaiting manual answer. | All issues |
| Unlicensed | The number of applicable infrastructure objects for this issue which are unlicensed and no result is shown. | All issues |
| Filtered | The number of applicable infrastructure objects for this issue which are filtered out by the user. | All issues |
| Issue ID | Runecast ID of the issue. | All issues |
| Impact | Relative representation of the previous counts. Shows the overall portion of affected objects against the healthy ones. | All issues |
| Result | Shows the status of the issue: Failed, Passed, Filtered out, Not answered, Unlicensed | All issues |
| Vulnerability ID | The identification id set by Information Assurance Support Environment on their rules list. | DISA STIG |
| Control ID | The identification id set by Payment Card Industry Security Standards Council on their documentation list. | PCI DSS |
| Milestone | Milestones are defined in the PCI DSS standard to enable you to use the "Prioritized Approach" to prioritize higher risk issues. | PCI DSS |
| Rule ID | The identification id set by Health Insurance Portability and Accountability Act on their documentation list. | HIPAA |
| Building Block | The identification id set by Bundesamt fur Sicherheit in der Informationstechnik on their IT-Grundschutz documentation list. | BSI IT-Grundschutz |
| Recommendation Section | The identification id set by Center for Internet Security on their documentation list. | CIS |
| Level | The benchmark defines the identification id of the existing configuration profiles. | CIS |
| Scored | A scoring status indicates whether compliance with the given recommendation impacts the assessed target's benchmark score. | CIS |
| Priority | The recommended priority codes used for sequencing decisions during security control implementation. | NIST |
| Controls | The identification id set by National Institute of Standards and Technology on their documentation list. | NIST |
| Category | The area that customers need to strengthen to keep their private data safe. | GDPR |
| Articles | The identification id on the GDPR documentation. | GDPR |
| Technical control theme | The area that customers need to strengthen to keep their private data safe. | Cyber Essentials |
| ISO controls | The identification id set by International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) on their documentation list. | ISO 27001 |
| TISAX controls | The identification id set by TISAX is based on the standard ISO/IEC 27001. The controls themselves are formulated as questions. | TISAX |
| Mitigation strategy | The Strategies to Mitigate Cyber Security Incidents is a prioritised list of mitigation strategies to assist organisations in protecting their systems against a range of adversaries. The mitigation strategies can be customised based on each organisation’s risk profile and the adversaries they are most concerned about. | Essential Eight |
Once you expand a configuration issue in the Runecast interface, you can view additional properties:
| Property | Description |
|---|---|
| Issue Description | A detailed description of the issue. |
| Analysis Findings | Provides complete overview of the analyzed objects and their corresponding statuses. Please refer to the Analysis Findings section for details about this view. |
| Filter out | Allows to filter out this issue for any infrastructure objects or system based on your selection. |
| Custom profiles | Access to actions related to Custom Profiles |
| Reference | A link to online resources further describing the issue. |
| Updated | The date when the issue definition was last updated in the Runecast database. |
Analysis Findings
The Analysis Findings tab in the issue details view shows information about the analyzed systems and all relevant objects for that issue. Each object can be in one of the following states:
- Failed
The objects in this state indicate that they are misconfigured in the context of the issue or a contributing factor to another object in Failed state - Passed
The objects in this state don't have any findings in the context of the issue - Filtered out
The objects in this state are in the scope of a user configured filter - Not answered
The objects in this state are awaiting for a manual answer - Unlicensed
The objects in this state are not licensed
You can use the filter above the systems list to select a specific state.
Log issue
A log related issue in Runecast has the following properties:
Note
Log issues are only applicable for VMware products
| Property | Description |
|---|---|
| Severity | This grades the estimated criticality of the issue based on its general impact and importance. Depending on the specifics of your environment, it is possible that certain issues may have a different importance than the suggested severity. |
| Applies to | The virtual infrastructure layer the issue affects – Compute, Network, Storage, VM, Management. |
| KB id | ID of the VMware Knowledge Base article. |
| Products | The applicable VMware products for this issue. |
| Objects | The number of objects affected by this issue. |
| Last seen date | The last date and time when the problematic log pattern was detected. |
| Description | A short description of the issue. |
| Issue ID | Runecast ID of the issue. |