CIS Releases CIS-CAT Pro Assessor v4

Updated Assessment Tool Available to CIS SecureSuite® Members Now Includes Remote Assessment

November 6, 2018

East Greenbush, NY

CIS®, (Center for Internet Security, Inc.) announced the introduction of CIS-CAT Pro Assessor v4 today, which now includes remote assessment capabilities.“Based on user demand, we are excited to add a remote assessment capability to our premier CIS Benchmark assessment tool,” said Curtis Dukes, CIS Executive Vice President of Security Automation & Best Practices Group.

The CIS-CAT Pro Assessor v4 features include:

  • Remote assessment through the Command Line Interface (CLI). CIS-CAT Pro Assessor v4 allows users to assess remote endpoints via the command line. Remotely assess Windows endpoints using WinRM and an “ephemeral” agent, and Unix®/Linux® systems primarily using SSH and an “ephemeral” agent.
  • Single server installation: Using CIS-CAT Pro Assessor v4’s remote features requires users to place the assessor tool only on one server. The added benefit to this method is that organizations need Java® 1.8 installed and updated on the server where CIS-CAT Pro Assessor v4 resides
  • Report integration with CIS-CAT Pro Dashboard: CIS-CAT Pro Assessor v4 continues to pair with the newly updated CIS-CAT Pro Dashboard to show system compliance over time. Users can sort and view assessment results by compliance type, department, or any other category using the custom tagging feature. Alerts occur within the dashboard when assessment scores drop.
  • Secure content support: CIS-CAT Pro Assessor v4 supports Security Content Automation Protocol (SCAP) 1.2 data-stream collections, XCCDF 1.2-based content, and OVAL® Definitions files, such as inventory and vulnerability definitions.

This robust update to CIS-CAT Pro is available to download via the CIS WorkBench.  CIS SecureSuite Members can download it now at

Tips for Success with CIS-CAT Pro

CIS will continue to support CIS-CAT Pro Assessor v3 and encourages SecureSuite members to use the version that works best for their environment. Both v3 and v4 require an accessible Java Runtime Environment (JRE). CIS-CAT Pro Assessor v3 requires 1.6 or later, while CIS-CAT Pro Assessor v4 requires 1.8 or later.

CIS-CAT Pro Assessor v4 is only available through the CLI. Users requiring a graphical interface can continue to use CIS-CAT Pro v3. CIS-CAT Pro’s future roadmap includes assessment orchestration using CIS-CAT Pro Dashboard’s graphical interface.

CIS Benchmark coverage: At release, CIS-CAT Pro Assessor v4 can be used with a selection of more than 65+ CIS Benchmarks™. See the CIS-CAT Pro Assessor Coverage Guide for the most up-to-date information regarding platform coverage.

For more information, visit: