Is Assessor’s remote assessment with WinRM over HTTP as secure as the assessment with WinRM over HTTPS?


Product Name: CIS-CAT Pro Assessor v4

Product Version: 4.43.0+

Date: Dec 16, 2021



Problem

If we use a Windows local or domain account for the remote assessment with WinRM over HTTP, do we get the same level of communication encryption as with HTTPS?


Solution

HTTP does not provide encryption; HTTPS does. NTLMv2 authentication is the only supported authentication method for Windows assessments. When NTLMv2 is used over HTTP, the credentials are encrypted, but everything else is sent in cleartext. When using HTTPS, all information is encrypted.
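To see which of these two cases applies to a given target, the WinRM listener configuration can be read on the target itself. The following is an added example, not CIS-CAT code or CIS documentation: a read-only check using the built-in WSMan: provider, with hypothetical function names. It assumes an elevated PowerShell session and a running WinRM service.

```powershell
# Added example (not CIS code): read-only audit of WinRM transport settings.
# Run in an elevated PowerShell session on the assessment target.

function Get-WinRMTransportAudit {
    # Each child of WSMan:\localhost\Listener is one configured listener.
    foreach ($listener in Get-ChildItem -Path WSMan:\localhost\Listener) {
        # Flatten the listener's leaf settings (Transport, Port, Enabled, ...) into a hashtable.
        $cfg = @{}
        Get-ChildItem -Path $listener.PSPath | ForEach-Object { $cfg[$_.Name] = $_.Value }

        if ($cfg['Transport'] -eq 'HTTPS') {
            $finding = 'Session is protected by TLS'
        } else {
            $finding = 'Cleartext transport: only the NTLMv2 credentials are protected'
        }

        [pscustomobject]@{
            Transport = $cfg['Transport']
            Port      = $cfg['Port']
            Address   = $cfg['Address']
            Enabled   = $cfg['Enabled']
            Finding   = $finding
        }
    }
}

function Get-WinRMUnencryptedSetting {
    # Service-side switch that controls whether WinRM accepts unencrypted messages.
    (Get-Item -Path WSMan:\localhost\Service\AllowUnencrypted).Value
}

$audit = @(Get-WinRMTransportAudit)
$audit | Format-Table -AutoSize

# Summarize for whoever chooses the transport for the Assessor connection.
$httpEnabled = @($audit | Where-Object { $_.Transport -eq 'HTTP' -and $_.Enabled -eq 'true' })
if ($httpEnabled.Count -gt 0) {
    Write-Warning "$($httpEnabled.Count) enabled HTTP listener(s): assessment data sent to them is readable on the wire."
}
if (-not ($audit | Where-Object { $_.Transport -eq 'HTTPS' -and $_.Enabled -eq 'true' })) {
    Write-Warning 'No enabled HTTPS listener found: HTTPS assessment is not possible until one is configured.'
}
"AllowUnencrypted (service) = $(Get-WinRMUnencryptedSetting)"
```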


Keywords: winrm encryption secure NTLM AES Kerberos



Copyright © 2020

Center for Internet Security®