Aria Automation Secure Hosts (formerly SecOps) Windows compliance scores low when compared to other host compliance scan tools
search cancel

Aria Automation Secure Hosts (formerly SecOps) Windows compliance scores low when compared to other host compliance scan tools

book

Article ID: 369593

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

Compliance scan scores from Aria Automation Secure Hosts may differ from other tools such as Qualys.

Example:
For a Windows 2022 host:

  • Aria Automation Secure Hosts scan: 39%

  • Qualys scan: 77%

Environment

Aria Automation for Secure Hosts (formerly Aria Automation for SecOps) 8.x

Cause

Aria Automation Secure Hosts currently has a scanning limitation for Windows machines:

  • It scans only local group policies.

  • It does not scan the HKey Registry, where some compliance settings reside.

As a result, certain issues requiring registry-based validation are not detected, leading to lower overall compliance scores.

Resolution

 

This limitation is acknowledged and currently unresolved, as results are compared against the out-of-the-box benchmarks provided.

Workaround:

Use another scanning tool (e.g., Qualys) to generate compliance results, then import these results into Aria Automation Secure Hosts to establish a benchmark. The benchmark can then be used for compliance scanning.

 

 

Powered by Wolken Software