Skip to content

[FIX4 ] Compliance and detection accuracy: CIS mappings, duplicate controls, TLS compare, Graph pagination #152

Description

@TFT444

Objective

Fix four findings affecting compliance scoring accuracy and detection at scale.

Findings addressed

  • COR-005 MEDIUM: AZ-CMP-001 maps to the wrong CIS control, correct the mapping
  • COR-006 MEDIUM: Duplicate CIS control IDs corrupt compliance scoring, deduplicate
  • COR-007 LOW: TLS version string comparison is lexicographically wrong, compare versions numerically
  • COR-008 LOW: Graph API pagination not followed causing false negatives at scale, follow next page links

Acceptance criteria

  • AZ-CMP-001 maps to the correct CIS control
  • No duplicate CIS control IDs
  • TLS version comparison is correct
  • Graph API pagination fully followed
  • CI passes, base branch dev

Category

Correctness

Metadata

Metadata

Assignees

Labels

priority: highImportant, should be fixed in the current sprint

Type

Fields

No fields configured for Bug.

Projects

Status
📋 Backlog

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions