Merge pull request #1310 from oracle-devrel/security_health_check_update_241011

Security health check update 241011

Author: oheimburger

security/security-design/shared-assets/oci-security-health-check-standard/README.md

@@ -2,7 +2,7 @@
 
 Owner: Olaf Heimburger
 
-Version: 240822
+Version: 241011
 
 Reviewed: 01.02.2024
 
@@ -29,26 +29,40 @@ See the *OCI Security Health Check - Standard Edition* in action and watch the [
 
 Before running the *OCI Security Health Check - Standard Edition* you should download and verify it.
 
-  - Download the latest distribution [oci-security-health-check-standard-240822.zip](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.zip).
+  - Download the latest distribution [oci-security-health-check-standard-241011.zip](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.zip).
   - Download the respective checksum file:
-    - [oci-security-health-check-standard-240822.sha512](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.sha512).
-    - [oci-security-health-check-standard-240822.sha512256](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.sha512256).
+    - [oci-security-health-check-standard-241011.sha512](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512).
+    - [oci-security-health-check-standard-241011.sha512256](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512256).
   - Verify the integrity of the distribution. Both files must be in the same directory (for example, in your downloads directory).
 
     On MacOS:
     ```
     cd <your_downloads_directory>
-    shasum -a 512256 -c oci-security-health-check-standard-240822.sha512256
+    shasum -a 512256 -c oci-security-health-check-standard-241011.sha512256
     ```
 
     On Linux (including Cloud Shell):
     ```
     cd <your_downloads_directory>
-    sha512sum -c oci-security-health-check-standard-240822.sha512
+    sha512sum -c oci-security-health-check-standard-241011.sha512
     ```
 
 **Reject the downloaded file if the check fails!**
 
+### In OCI Cloud Shell
+
+In OCI Cloud Shell you can do a short cut without downloading the files mentioned above to your desktop:
+
+1. Login to your OCI console.
+2. Open Cloud Shell
+3. Run these commands in your Cloud Shell:
+  ```
+  wget -q https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.zip
+  wget -q https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512
+  sha512sum -c oci-security-health-check-standard-241011.sha512
+  unzip -q oci-security-health-check-standard-241011.zip
+  ```
+
 ## Prepare the OCI Tenancy
 
 ### Single Run
@@ -100,7 +114,16 @@ For a detailed description go to [Run the OCI Security Health Check in OCI Cloud
 
 After a completed run you will find a directory with a name starting with your tenancy name followed by a timestamp in your working directory (like `tenancy_name_YYYYMMDDHHmmss_standard`). A zip archive for easier download using the same name will be created, too. Both hold data files for your review.
 
-To start with reviewing the results, open the file named [cis_html_summary_report.html](files/resources/cis_html_summary_report.html)(sample report).
+To start with reviewing the results, open the file named `tenancy_name_YYYYMMDDHHmmss_standard_cis_html_summary_report.html`.
+
+It may look like this example:
+![Flyer](./files/resources/Example_Output.png)
+
+# Known Issues
+
+1. Diagrams are not part of the HTML page.
+   This may be because of broken `numpy installation`. The following command should resolve this:
+   `pip3 install --upgrade --force-reinstall --user numpy`
 
 # Credits
 

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/README.md

@@ -2,7 +2,7 @@
 
 Owner: Olaf Heimburger
 
-Version: 240822 (cis_report.py version 2.8.4)
+Version: 241011 (cis_report.py version 2.8.4+)
 
 ## When to use this asset?
 
@@ -21,22 +21,22 @@ by Oracle Support.
 
 Before running the *OCI Security Health Check - Standard Edition* you should download and verify it.
 
-  - Download the latest distribution [oci-security-health-check-standard-240822.zip](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.zip).
+  - Download the latest distribution [oci-security-health-check-standard-241011.zip](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.zip).
   - Download the respective checksum file:
-    - [oci-security-health-check-standard-240822.sha512](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.sha512).
-    - [oci-security-health-check-standard-240822.sha512256](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-240822.sha512256).
+    - [oci-security-health-check-standard-241011.sha512](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512).
+    - [oci-security-health-check-standard-241011.sha512256](https://github.com/oracle-devrel/technology-engineering/raw/main/security/security-design/shared-assets/oci-security-health-check-standard/files/resources/oci-security-health-check-standard-241011.sha512256).
   - Verify the integrity of the distribution. Both files must be in the same directory (for example, in your downloads directory).
 
     On MacOS:
     ```
     cd <your_downloads_directory>
-    shasum -a 512256 -c oci-security-health-check-standard-240822.sha512256
+    shasum -a 512256 -c oci-security-health-check-standard-241011.sha512256
     ```
 
     On Linux (including Cloud Shell):
     ```
     cd <your_downloads_directory>
-    sha512sum -c oci-security-health-check-standard-240822.sha512
+    sha512sum -c oci-security-health-check-standard-241011.sha512
     ```
 
 **Reject the downloaded file when the check fails!**
@@ -117,7 +117,7 @@ The recommended way is to run the *OCI Security Health Check - Standard* in the
   - Upload the distribution file.
   - Extract it
     ```
-    unzip -q oci-security-health-check-standard-240822.zip
+    unzip -q oci-security-health-check-standard-241011.zip
     ```
 
 ### Run the script
@@ -190,11 +190,11 @@ The recommended way is to run the *OCI Security Health Check - Standard* in the
       Follow the instructions to select /usr/bin/python3.9
     - Log out
 
-  - From your desktop, upload the `oci-security-health-check-standard-240822.zip` file to the Compute VM using any SFTP client.
+  - From your desktop, upload the `oci-security-health-check-standard-241011.zip` file to the Compute VM using any SFTP client.
   - Log into the Compute VM
     - Extract the distribution
       ```
-      unzip -q oci-security-health-check-standard-240822.zip
+      unzip -q oci-security-health-check-standard-241011.zip
       ```
     - Change directory into `oci-security-health-check-standard`:
       ```

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/README.txt

@@ -2,7 +2,7 @@
 OCI Security Health Check - Standard Edition
 ============================================
 Owner: Olaf Heimburger
-Version: 240822 (cis_report.py version 2.8.4)
+Version: 241011 (cis_report.py version 2.8.4)
 
 When to use this asset?
 
@@ -81,7 +81,7 @@ Usage
   - From the menu select the Cloud Shell item.
   - When running it the first time:
     - Upload the provided ZIP file.
-    - Extract it with unzip -q oci-security-health-check-standard-240822.zip
+    - Extract it with unzip -q oci-security-health-check-standard-241011.zip
   - Change directory into oci-security-health-check-standard
     $ cd oci-security-health-check-standard
     $ screen
@@ -138,11 +138,11 @@ Usage
     - Log out
 
   - From your desktop, upload the
-    "oci-security-health-check-standard-240822.zip" file to the Compute VM
+    "oci-security-health-check-standard-241011.zip" file to the Compute VM
     using any SFTP client.
   - Log into the Compute VM
     - Extract the distribution
-      unzip -q oci-security-health-check-standard-240822.zip
+      unzip -q oci-security-health-check-standard-241011.zip
 
     - Change directory into "oci-security-health-check-standard":
       cd oci-security-health-check-standard

security/security-design/shared-assets/oci-security-health-check-standard/files/oci-security-health-check-standard/requirements.txt

@@ -1,6 +1,9 @@
-xlsxwriter>=3.0.3
-pandas>=1.5.2
-openpyxl>=3.0.10
+xlsxwriter>=3.2.0
+pytz
+pandas
+openpyxl>=3.1.5
 pyyaml>=6.0
-oci>=2.119.0
+oci>=2.129.4
 requests
+matplotlib
+numpy