As the title says I would like to see CIS have the ability/option to create separate FW and HIPS rules for the Virtual Kiosk and sandboxed apps
I think this could add security to the VK and Auto sandboxed files especially when running as fully virtualized
If this is possible now obviously this wish is redundant but I would like to know how to achieve this
I also think this would be used on case by case basis or by creating certain group rules
As CIS stands there is some practical “road blocks” to implementing this that need to be over come, you stated a couple. However for users that like to be able to configure and tweak their settings (most CIS users) I think this would be an excellent addition to CIS, another tool in the system hardening box.