diff --git a/content/rancher/v2.5/en/cis-scans/_index.md b/content/rancher/v2.5/en/cis-scans/_index.md index 39cbc411e56..6f72660c12c 100644 --- a/content/rancher/v2.5/en/cis-scans/_index.md +++ b/content/rancher/v2.5/en/cis-scans/_index.md @@ -108,7 +108,7 @@ From Rancher v2.5.4, the scan uses the CIS Benchmark v1.6 by default. In Rancher The Benchmark version is included in the generated report. -The Benchmark provides recommendations of two types: Scored and Not Scored. Recommendations marked as Not Scored in the Benchmark are not included in the generated report. +The Benchmark provides recommendations of two types: Automated and Manual. Recommendations marked as Manual in the Benchmark are not included in the generated report. Some tests are designated as "Not Applicable." These tests will not be run on any CIS scan because of the way that Rancher provisions RKE clusters. For information on how test results can be audited, and why some tests are designated to be not applicable, refer to Rancher's self-assessment guide for the corresponding Kubernetes version. diff --git a/content/rancher/v2.5/en/security/_index.md b/content/rancher/v2.5/en/security/_index.md index 72707dc1ff6..c52daf4bde1 100644 --- a/content/rancher/v2.5/en/security/_index.md +++ b/content/rancher/v2.5/en/security/_index.md @@ -44,7 +44,7 @@ The Center for Internet Security (CIS) is a 501(c\)(3) non-profit organization, CIS Benchmarks are best practices for the secure configuration of a target system. CIS Benchmarks are developed through the generous volunteer efforts of subject matter experts, technology vendors, public and private community members, and the CIS Benchmark Development team. -The Benchmark provides recommendations of two types: Scored and Not Scored. We run tests related to only Scored recommendations. +The Benchmark provides recommendations of two types: Automated and Manual. We run tests related to only Automated recommendations. When Rancher runs a CIS security scan on a cluster, it generates a report showing the results of each test, including a summary with the number of passed, skipped and failed tests. The report also includes remediation steps for any failed tests.