Is Assessor’s remote assessment with WinRM over HTTP as secure as the assessment with WinRM over HTTPS?

Owned by Nick Romanzo, created
Last updated: Oct 10, 2024
1 min read

Product Name

CIS-CAT Pro Assessor v4

Product Version

4.43.0+

Date

Dec 16, 2021

Problem

If we use a Window’s local or domain account for the remote assessment with WinRM over HTTP, could we enjoy the same level of encryption of communication as HTTPS?

 

Solution

HTTP doesn’t provide encryption, HTTPS does provide encryption. NTLMv2 authentication is the only supported authentication method for Windows assessments. Credentials will be encrypted when using NTLMv2 over HTTP. However, everything else will be in cleartext. When using HTTPS, all information will be encrypted.

 

Keywords; winrm encryption secure NTLM AES Kerberos

Content by Label

Copyright © 2020

Center for Internet Security®