Add references to rules (tailscale_rules)

panther-labs · Dec 12, 2023 · 4e0b265 · 4e0b265
1 parent 5c73412
commit 4e0b265
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 0 deletions.
diff --git a/rules/tailscale_rules/tailscale_https_disabled.yml b/rules/tailscale_rules/tailscale_https_disabled.yml
@@ -4,6 +4,7 @@ DisplayName: "Tailscale HTTPS Disabled"
 Enabled: true
 Filename: tailscale_https_disabled.py
 Runbook: Assess if this was done by the user for a valid business reason. Be vigilant to re-enable this setting as it's in the best security interest for your organization's security posture.
+Reference: https://tailscale.com/kb/1153/enabling-https/#disable-https
 Severity: High
 Tests:
     - ExpectedResult: true

diff --git a/rules/tailscale_rules/tailscale_machine_approval_requirements_disabled.yml b/rules/tailscale_rules/tailscale_machine_approval_requirements_disabled.yml
@@ -4,6 +4,7 @@ DisplayName: "Tailscale Machine Approval Requirements Disabled"
 Enabled: true
 Filename: tailscale_machine_approval_requirements_disabled.py
 Runbook: Assess if this was done by the user for a valid business reason. Be vigilant to re-enable this setting as it's in the best security interest for your organization's security posture.
+Reference: https://tailscale.com/kb/1099/device-approval/
 Severity: High
 Tests:
     - ExpectedResult: true

diff --git a/rules/tailscale_rules/tailscale_magicdns_disabled.yml b/rules/tailscale_rules/tailscale_magicdns_disabled.yml
@@ -4,6 +4,7 @@ DisplayName: "Tailscale Magic DNS Disabled"
 Enabled: true
 Filename: tailscale_magicdns_disabled.py
 Runbook: Assess if this was done by the user for a valid business reason. Be vigilant to re-enable this setting as it's in the best security interest for your organization's security posture.
+Reference: https://tailscale.com/kb/1081/magicdns/
 Severity: High
 Tests:
     - ExpectedResult: true