CIS Benchmarks January 2021 Update

CIS-Benchmarks

 

CIS is excited to announce the release of the following CIS Benchmarks. These CIS Benchmark releases would not have been possible without the time and support of community contributors through the form of tickets, comments, and joining our community calls. Your contributions are invaluable to our consensus process and we thank you for volunteering.

CIS Cisco NX-OS Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for Cisco devices running Cisco NX-OS.

Special thanks to Rob Vandenbrink for his contribution to this initial release.

Download the CIS Cisco NX-OS Benchmark PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Apache Tomcat 9 Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for Apache Tomcat versions 9.0 running on Linux. This guide was tested against Apache Tomcat 9.0 as installed by tar packages provided by Apache. Major changes in this release:

  • The recommendation 'Enable strict servlet Compliance’ has been moved to Level 2 due its potential impact
  • Guidance on using TLS has been updated to recommend TLS versions 1.2 and/or 1.3
  • A new recommendation to encrypt Manager Application Passwords has been added
  • Artifacts have been added to numerous recommendations in support of new automated assessment content to be included in a future release of CIS-CAT

Special thanks to Joern Krueger, James Scott, and Ardnor Zeqiri for their contributions to this release.

Download the CIS Apache Tomcat 9 Benchmark PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Apple macOS 10.12 Benchmark v1.2.0

Prescriptive guidance for establishing a secure configuration posture for Apple macOS 10.12. This guide was tested against Apple macOS 10.12. Major changes in this release:

  • Updated audits and remediations for the password policy section
  • Added CIS Controls v7.1

Special thanks to Ron Colvin and William Harrison for their work on this release.

Download the CIS Apple macOS 10.12 v1.2.0 Benchmark PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Alibaba Cloud Foundation Benchmark v1.0.0

This is a brand new CIS Benchmark for Alibaba Cloud. It contains prescriptive guidance for configuring security options for a subset of Alibaba Cloud services with an emphasis on foundational, testable, and architecture agnostic settings. Here is a brief glimpse of what is covered:

  • Identity and Access Management (IAM) settings
  • Logging and monitoring configurations
  • Networking settings
  • Virtual Machine settings
  • Storage configuration
  • Relational Database Services (RDS) settings
  • Kubernetes Engine settings
  • Alibaba Cloud Security Center settings

A huge thanks to the community, editors, and the Alibaba Cloud team for all of the work that went into creating and this initial release.

Download the CIS Alibaba Cloud Foundation Benchmark PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS_Benchmarks_Community

Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We're looking for contributors for the following technologies:

Have questions about the CIS Benchmarks development process and how to get involved? Reach out to us at benchmarkinfo@cisecurity.org. You can also learn more on the CIS Benchmarks Community page.