CIS Hardened Images Configured to CIS Benchmarks Now Available on Google Cloud Platform

July 6, 2017

East Greenbush, NY

CIS is now offering hardened virtual machine images configured to the CIS Benchmarks in the Google Cloud Platform (GCP) marketplace.

The CIS Hardened Images are designed to be evaluated, purchased, and deployed in minutes to deliver an increasingly broad array of common software infrastructure on Google Cloud Platform. The new images are configured based on CIS’ Benchmarks, a set of internationally recognized secure configuration recommendations.

The CIS Hardened Images in the GCP marketplace will support multiple operating systems for Windows® and Linux® and Ubuntu®. They will allow users to deploy secure instances based on industry best practices and existing best practice compliance requirements.

“Availability of CIS Hardened Images in the GCP marketplace will give customers a wide variety of secure image options, in addition to GCP’s public images. These images will help organizations reduce time, cost, and risk in their cloud deployments,” said Curtis Dukes, CIS Executive Vice President & General Manager Security Best Practices & Automation.

The CIS Benchmarks program provides well-defined configuration best practices to help organizations worldwide assess and improve their cybersecurity. More than 100 consensus-based CIS Benchmarks have been developed and are already available in PDF format free to the general public. The CIS Benchmarks are developed through a collaborative consensus development process with security experts. They are used successfully by organizations that range from small nonprofit businesses to Fortune 500 companies.

The CIS Benchmarks are referenced in recognized security standards and control frameworks, including:

  • CIS Controls™ Version 6.1
  • Payment Card Industry Data Security Standard (PCI DSS) Version 3.1 (April 2016)
  • National Institute of Standards and Technology (NIST) Guide for Security-Focused Configuration Management of Information Systems
  • Federal Risk and Authorization Management Program (Fed RAMP) System Security Plan

Learn more about the CIS Benchmarks.

CIS is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. Our CIS Controls and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities.