CIS Center for Internet Security

Blog Post: New Options from CIS for STIG Compliance

See all the latest

Alert Level: LOW

Low

Guarded

Elevated

High

Severe

Learn More

Ransomware Protection for SLTTs

MDBR proactively blocks network traffic from an organization to known harmful web domains, helping protect IT systems against cybersecurity threats.

Learn More

CIS harnesses the power of a global IT community to safeguard public and private organizations against cyber threats.

Join MS-ISAC

Join EI-ISAC

The MS-ISAC & EI-ISAC are focal points for cyber threat prevention, protection, response, & recovery for U.S. State, Local, Tribal, & Territorial government entities. CIS is the home of the MS-ISAC and EI-ISAC.

Ransomware Protection for SLTTs

MDBR proactively blocks network traffic from an organization to known harmful web domains, helping protect IT systems against cybersecurity threats.

Learn More

CIS harnesses the power of a global IT community to safeguard public and private organizations against cyber threats.

Join MS-ISAC

Join EI-ISAC

Start Secure, Stay Secure

A CIS SecureSuite Membership combines the CIS Benchmarks, CIS Controls, and CIS-CAT Pro into one powerful cybersecurity resource for businesses, nonprofits, and governmental entities.

Join Now

Consensus-developed secure configuration guidelines for hardening.

Download

Develop and update secure configuration guidelines for 25+ technology families.

Join a Community

Prescriptive, prioritized, and simplified set of cybersecurity best practices.

Download

Refine and verify best practices, related guidance, and mappings.

Join a Community

Learn More

Start Secure. Stay Secure.^®

Membership combines and automates the CIS Benchmarks, CIS Controls, and CIS-CAT Pro into a powerful and time-saving cybersecurity resource.

CIS-CAT Pro enables users to assess conformance to best practices and improve compliance scores over time.

“It is the most important membership for the compliance review of information security available in the market today.”

— Senior Manager, Information Security & Compliance International Public Service & Communications Agency

Consensus-based Guidelines

CIS Benchmarks and CIS Controls are consensus-based guides curated by security practitioners focused on performance, not profit.

Objective Standards

Our security best practices are referenced global standards verified by an objective, volunteer community of cyber experts.

Secure Online Experience

CIS is an independent, non-profit organization with a mission to provide a secure online experience for all.

Information Hub

What's New

Advisory • 02 Dec 2020

A Vulnerability in Mozilla Thunderbird Could Allow for Arbitrary Code Execution

Blog post • 01 Dec 2020

New Options from CIS for STIG Compliance

Blog post • 30 Nov 2020

Commonly Exploited Protocols: Remote Desktop Protocol (RDP)

Media mention • 30 Nov 2020

Remote Desktop Protocol remains one of ‘top attacked protocols’, report says

Media mention • 30 Nov 2020

Center for Internet Security issues new remote desktop security guide, based on CIS Controls

Press-release • 30 Nov 2020

Center for Internet Security (CIS) Releases Remote Desktop Protocol (RDP) Guide

Daily tip

Know Your Peer-to-Peer (P2P) Partner

Peer-to-peer (P2P) networking is a popular method for sharing files, music, photographs, and other information. But this method can come with its share of major risks. It is better knowing who you are sharing data and files with versus browsing for a site that you believe meets your criteria. Data from unknown sites may be corrupted with malware or expose you to legal ramifications.

Center for Internet Security®