RuleBuilderExtensions

Creates a simple pass/fail test.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

testName System.String requiredposition: 1

propertyPath System.String requiredposition: 2

expectedValue System.Boolean = true optionalposition: 3

importance TestimoX.Definitions.Importance = Moderate optionalposition: 4

Creates a percentage test.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

testName System.String requiredposition: 1

propertyPath System.String requiredposition: 2

minPercentage System.Double requiredposition: 3

importance TestimoX.Definitions.Importance = Moderate optionalposition: 4

Creates a security score test.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

testName System.String requiredposition: 1

issueWeights System.Collections.Generic.Dictionary{System.String,System.Int32} requiredposition: 2

minimumScore System.Int32 = 70 optionalposition: 3

Excludes items whose String) property equals any of the provided keys.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Rule builder.

keys System.String[] requiredposition: 1

Values to exclude.

Returns

The same builder.

Sets whether the source is expected to return data. Use false for "findings-only" rules that legitimately return an empty list when no issues are present (to avoid failing the gate).

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

expectOutput System.Boolean requiredposition: 1

Semantic alias for Boolean) when a rule returns only findings. Use on rules whose source produces a list of issues; empty list means "good".

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Includes only items whose String) property equals any of the provided keys.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

keys System.String[] requiredposition: 1

Sets the property path that identifies a unique object (used to match inclusions/exclusions).

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Rule builder.

propertyPath System.String requiredposition: 1

Property path (e.g., "SamAccountName").

Returns

The same builder.

Declares that the rule requires enumerating computer data and allows specifying filters/scope.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Rule builder.

configure System.Action{TestimoX.Planning.ComputerDataRequirement} requiredposition: 1

Callback to configure computer data needs.

Returns

The same builder.

Declares generic dataset requirements to pre-warm once for this run. Prefer this over specialized helpers.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

dataSets TestimoX.Planning.DataSetKind[] requiredposition: 1

Declares that the rule requires Group Policy data and specifies which caches to warm.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Rule builder.

configure System.Action{TestimoX.Planning.GpoDataRequirement} requiredposition: 1

Callback to configure GPO data needs.

Returns

The same builder.

Declares that the rule requires enumerating group data and allows specifying filters/scope.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Rule builder.

configure System.Action{TestimoX.Planning.GroupDataRequirement} requiredposition: 1

Callback to configure group data needs.

Returns

The same builder.

Sets the minimal permission level required to execute this rule.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

permission TestimoX.Definitions.PermissionRequired requiredposition: 1

Declares that the rule requires enumerating user data and allows specifying filters/scope.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

Rule builder.

configure System.Action{TestimoX.Planning.UserDataRequirement} requiredposition: 1

Callback to configure user data needs.

Returns

The same builder.

Attaches inline crosswalk references to vendor baselines or external docs. This makes mappings visible directly in the rule source.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

refs TestimoX.Definitions.RuleVendorRef[] requiredposition: 1

Adds guidance (summary, investigation, remediation, references, examples) to a rule.

Parameters

builder TestimoX.Testing.RuleBuilder requiredposition: 0

configure System.Action{TestimoX.Testing.RuleBuilderExtensions.GuidanceBuilder} requiredposition: 1

Examples

var rule = RuleBuilder.Create("DomainGpoAnonymousPermissions")
    .DisplayName("GPO – Anonymous Permissions")
    .Description("Checks whether anonymous access to directory data is allowed.")
    .ForScope(Scope.Domain)
    .WithGuidance(g => g
        .Summary("Anonymous access should be disabled to reduce information exposure.")
        .WhyItMatters("Unauthenticated users may enumerate users, groups, and other objects.")
        .HowToFix(
            "Set 'Network access: Do not allow anonymous enumeration of SAM accounts and shares' to Enabled.",
            "Ensure 'Allow anonymous SID/Name translation' is Disabled.")
        .Reference("Security baseline", "https://aka.ms/win-baselines"))
    .Build();