Hi
Please change the behavior of CIS to resolve the hostname used in a rule everytime the rule is used and not only once.
I’d like to define network groups containing hostname based rules. For example I’d like to allow svchost.exe to contact Microsoft for automatic updates but not to connect to any IP on ports 80/443.
svchost.exe contacts (for example) download.windowsupdate.com which resolves to different IPs to balance the loads for the update servers. While the IPs change, CIS isn’t aware of that fact and displays alerts.
Thanks