CIS Offers New Distribution Independent Linux Benchmark

May 24, 2016

East Greenbush, NY

The Center for Internet Security® (CIS) is now offering the Distribution Independent Linux Benchmark. It gives users a general idea of where to find and how to set common Linux configurations, irrespective of distribution. Plus the new Benchmark provides an alignment platform to get updates, which are discovered in a specific area, moved into all of the benchmarks it relates to instead of just being applied locally.

 CIS Benchmarks

The CIS Security Benchmarks program provides well-defined configuration best practices to help organizations worldwide assess and improve their cyber security. More than 100 consensus-based Security Benchmarks have been developed today and are available in PDF format free to the general public. The CIS Security Benchmarks are developed through a collaborative consensus development process with security experts. They are used successfully by organizations that range from small nonprofit businesses to Fortune 500 companies.

The CIS Security Benchmarks are referenced in recognized security standards and control frameworks, including:

  • CIS Critical Security Controls Version 6.0
  • Payment Card Industry Data Security Standard (PCI DSS) Version 3.1 (April 2016)
  • National Institute of Standards and Technology (NIST) Guide for Security-Focused Configuration Management of Information Systems
  • Federal Risk and Authorization Management Program (FedRAMP) System Security Plan

Security Benchmarks membership offers affordable, consensus-based solutions and a host of valuable benefits:

  • Automated Configuration Assessment Tool (CIS CAT) to rapidly identify vulnerabilities with coverage for 80+ CIS Security Benchmarks
  • Remediation content to automatically implement secure configurations
  • Assistance with compliance obligations for the Federal Information Security Modernization Act (FISMA), the Health Insurance Portability and Accountability Act (HIPAA), and more
  • Turnkey, easy-to-use solutions, which deliver peace of mind and confidence that members are applying best practices for cybersecurity

CIS also offers hardened virtual machine images in the Amazon Web Services (AWS) Elastic Compute Cloud (EC2) environment. The CIS Amazon Machine Images (AMIs) are configured according to the applicable CIS Benchmarks. AMIs are included with CIS Security Benchmarks membership or are available for purchase separately in the AWS Marketplace.

CIS Security Benchmarks membership is priced on a sliding scale based on intended use of the Security Benchmarks resources. CIS provides membership categories for a range of use cases including end user (internal), IT consultant, security software vendor, and much more. Learn more about the CIS Benchmarks.

About the Center for Internet Security

The Center for Internet Security (CIS) is a 501(c)(3) organization dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. Utilizing its strong industry and government partnerships, CIS combats evolving cybersecurity challenges on a global scale and helps organizations adopt key best practices to achieve immediate and effective defenses against cyber attacks. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), CIS Security Benchmarks, and CIS Critical Security Controls. To learn more, visit and follow us on Twitter: @CISecurity.