This guide helps you understand how to identify what value Saner CVEM is expecting and what it actually found on the system for a compliance rule (CCE), when a device is marked Non-Compliant after applying a benchmark.
Go to the Saner CVEM console.
Select your Organization, then go to your Account.
Navigate to:
Devices > [Select your device] > Misconfigurations > Compliance Details
Find the rule (CCE ID) marked as non-compliant in the list.
Click the Evidence icon next to the CCE.
What You’ll See in the Evidence View
Field | Description |
---|---|
CCE ID | Compliance rule identifier (e.g., CCE-97507-8) |
Rule Description | What the rule checks (e.g., specific registry setting) |
Registry Hive/Key/Name | Location in the system being evaluated |
Expected Value | The value the benchmark policy requires |
Detected Value / Status | Actual system value or key presence status |
✅ CCE-97532-6
Expected:
RequireSignOrSeal = 1
Detected:
1
✅ Compliant
❌ CCE-97507-8
Expected:
fPromptForPassword = 1
UserOption = 0
Detected:
fPromptForPassword
→ Key missingUserOption = 1
❌ Non-Compliant
To export all CCE evidence:
Navigate to
Compliance Details
Click the CSV icon at the top-right corner
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article