CIS Logo
tagline: Confidence in the Connected World

CIS Benchmarks August 2020 Update

CIS Password Policy Guide

The CIS Benchmarks Community has created a new CIS Password Policy Guide, with up-to-date best practices for creating passwords, passphrases, and other defensive techniques. This easy-to-follow Guide not only provides best practices but explains the reasoning behind the recommendations. It includes information on the most common password hacking techniques, along with best practice recommendations to prevent attacks. The Guide was developed through the same community-driven, consensus-based process used to develop the CIS Benchmarks.

Read the blog post or download the Guide.

CIS Oracle Cloud Infrastructure Foundations Benchmark v1.0.0

The CIS Oracle Cloud Infrastructure Foundations Benchmark was published in August 2020. This objective, consensus-driven security guideline provides prescriptive guidance to establish a secure baseline configuration in the Oracle Cloud hosting environment.

The new CIS Foundations Benchmark (a first version release) is the result of nearly two years of development. The step-by-step checklist includes detailed recommendations for Identity and Access Management, networking, and logging and monitoring.

The recommendations in the new CIS Foundations Benchmark for Oracle Cloud include:

  • Encouraging the use of multi-factor authentication (MFA) for all console users
  • Restricting remote administration ports outside of the enterprise network
  • Configuring logging and notifications to aid in identifying anomalous behavior and investigate potential compromises
Download the CIS Oracle Cloud Infrastructure Foundations Benchmark v.1.0.0

Our members can visit CIS WorkBench to download other formats and related resources.

CIS Kubernetes Benchmark v1.6.0

Prescriptive guidance for establishing a secure configuration posture for Kubernetes 1.16 - 1.18.

Download the CIS Kubernetes Benchmark v1.6.0

Our members can visit CIS WorkBench to download other formats and related resources.

CIS Microsoft Windows 10 Enterprise Release 2004 Benchmark v1.9.0

A lot of effort has gone into updating the content of this CIS Benchmark. The full change log is included at the end of the versions for download. Here is a brief glimpse of what we did to improve the value of this CIS Benchmark:

  • Added four new security settings
  • Moved and renamed several settings due to updated ADMX templates
  • Removed four settings that were outdated

A huge thank you to the Windows Community and Windows Team for making this happen, and special thanks to Haemish Edgerton.

Download the CIS Microsoft Windows 10 Enterprise Release 2004 Benchmark v1.9.0

Our members can visit CIS WorkBench to download other formats and related resources.

CIS_Benchmarks_Community

Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We're looking for contributors for the following technologies:

  • Microsoft Azure Foundations
  • Zoom Video Communication
  • Cisco - NX-OS
  • Oracle MySQL
  • Apple OS

Have questions about the CIS Benchmark development process, how you can contribute, or how to get involved? Reach out to us at benchmarkinfo@cisecurity.org. You can also learn more on the CIS Benchmarks Community page.