Coverage Analysis
Overview
Coverage Analysis uses AI to evaluate how well your Ansible hardening roles cover CIS Benchmark rules. It identifies gaps in your hardening automation and suggests improvements.
How to Use
- Navigate to AI > Coverage Analysis
- Paste the content of your Ansible role (YAML)
- Enter the CIS rules to check against
- Click Analyze
Understanding Results
The analysis returns:
| Metric | Description |
|---|---|
| Coverage Percentage | Percentage of CIS rules addressed by the role |
| Implementation Quality | High, Medium, Low, or None per rule |
| Gaps | Rules not covered by the Ansible role |
| Recommendations | Suggestions for improving coverage |
Implementation Quality Levels
| Level | Meaning |
|---|---|
| High | Rule fully implemented with proper checks |
| Medium | Rule partially implemented or missing edge cases |
| Low | Rule mentioned but implementation incomplete |
| None | Rule not addressed at all |
Use Cases
- Validate custom Ansible roles before deployment
- Identify gaps in third-party hardening roles
- Prioritize which rules to implement next
- Audit existing hardening automation quality
Requirements
- An active LLM configuration (Settings > LLM)
- Supported providers: YandexGPT, Azure OpenAI, OpenAI
See Also
- AI-powered Ansible task generator - automatically create tasks to close gaps identified by coverage analysis
- CIS Benchmark security hardening - apply CIS rules to servers after evaluating your Ansible role coverage
- Automated CIS remediation workflow - targeted fixes for specific compliance failures with approval workflow
Last updated on