CIS Benchmarks July 2020 Update

CIS-Benchmarks

 

 

CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.0.0

Prescriptive guidance for running Amazon Elastic Kubernetes Service (EKS) following recommended security controls. The CIS Benchmark only includes controls which can be modified by an end user of Amazon EKS.

Download the CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.0.0

Our members can visit CIS WorkBench to download other formats and related resources.

CIS Linux Benchmark Releases

Thank you to all of our Community volunteers who contributed their time and expertise towards these updates in the form of tickets, comments, and joining our editor calls. Your contributions are invaluable to our consensus process. Special thanks to Jon Christopherson, James Trigg and Richard Costa without whose help the following CIS Linux Benchmarks would not have been possible.

CIS CentOS Linux 7 Benchmark v3.0.0*

Prescriptive guidance for establishing a secure configuration posture for CentOS Linux 7 systems running on x86 and x64 platforms. The document was tested against CentOS 7.8.

Download the CIS CentOS Linux 7 Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Oracle Linux 7 Benchmark v3.0.0*

Prescriptive guidance for establishing a secure configuration posture for Oracle Linux 7 systems running on x86 and x64 platforms. The document was tested against Oracle Linux 7.8.

Download the CIS Oracle Linux 7 Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Red Hat Enterprise Linux 7 Benchmark v3.0.0*

Provides prescriptive guidance for establishing a secure configuration posture for Red Hat Enterprise Linux 7 systems running on x86 and x64 platforms. The document was tested against Red Hat Enterprise Linux 7.8

Download the CIS Red Hat Enterprise Linux 7 Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS SUSE Linux Enterprise Server 15 Benchmark v1.0.0*

Prescriptive guidance for establishing a secure configuration posture for SUSE Linux Enterprise 15 SP1 systems running on x86 or x64 platforms. The document was tested against SUSE Linux Enterprise Server 15 SP1.

Download the CIS SUSE Linux Enterprise Server 15 Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Ubuntu Linux 20.04 Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for Ubuntu Linux systems running on x86 and x64 platforms.

Commands and scripts are provided which should work on most Debian derived Linux distributions, however some translation to local styles may be required in places.

Many lists are included including filesystem types, services, clients, and network protocols. Not all items in these lists are guaranteed to exist on all distributions and additional similar items may exist which should be considered in addition to those explicitly mentioned.

Our members can visit CIS WorkBench to download other formats and related resources.

* The guidance within broadly assumes that operations are being performed as the root user. Operations performed using sudo instead of the root user may produce unexpected results, or fail to make the intended changes to the system. Non-root users may not be able to access certain areas of the system, especially after remediation has been performed. It is advisable to verify root users path integrity and the integrity of any programs being run prior to execution of commands and scripts included in these CIS Benchmarks.

CIS Check Point Firewall Benchmark v1.1.0

Prescriptive guidance for establishing a secure configuration posture for Check Point Firewall versions R75.x – 80.x installed on Gaia Platform. The guide was tested against Check Point R80.10 installed on Gaia.

Download the CIS Check Point Firewall Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Google Kubernetes Engine Benchmark v1.1.0

This CIS Benchmark only includes controls which can be modified by an end user of GKE. For information on GKE’s performance against the CIS Kubernetes Benchmarks, and for items which cannot be audited or modified, see the GKE documentation.

Download the CIS Google Kubernetes Engine Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Microsoft SQL Server Benchmark Releases

The following CIS Microsoft SQL Server Benchmarks have been released, providing prescriptive guidance for establishing a secure configuration posture for Microsoft SQL Server. Each guide was tested against the associated version as noted in the CIS Benchmark.

  • CIS Microsoft SQL Server 2019
  • CIS Microsoft SQL Server 2016
  • CIS Microsoft SQL Server 2014
  • CIS Microsoft SQL Server 2012
  • CIS Microsoft SQL Server 2008 R2
Download the CIS Microsoft SQL Server Benchmark Releases
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark v1.2.0

This guide was tested against Microsoft Windows Server 2016 Datacenter. The community made several changes to improve this CIS Benchmark:

  • Added 15+ new security settings
  • Moved and renamed several settings due to updated ADMX templates
  • Updated 20+ recommendations that were outdated
  • Removed 5+ settings that were outdated

The full change log is included at the end of both the PDF and DOC versions.
A huge thank you to the Windows Community and Team for making this happen, and special thanks to Haemish Edgerton.

Download the CIS Microsoft Windows Server 2016 RTM (Release 1607) Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS Oracle Database 18c Benchmark v1.0.0

Prescriptive guidance for Oracle Database 18c. The guide was tested against Oracle Database 18c installed with and without pluggable database support running on a Windows Server instance as a stand-alone system and running on an Oracle Linux instance also as a stand-alone system. Future Oracle Database 18c critical patch updates (CPUs) may impact the recommendations included in the document.

Download the CIS Oracle Database 18c Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS VMware ESXi 6.7 Benchmark v1.1.0

Prescriptive guidance for establishing a secure configuration posture for VMware ESXi 6.7. The guide was tested against VMware ESXi 6.7.

Download the CIS VMware ESXi 6.7 Benchmark
Our members can visit CIS WorkBench to download other formats and related resources.

CIS_Benchmarks_Community

 

 

 

Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We’re looking for contributors for the following technologies:

  • Amazon Web Services
  • Zoom Video Communication
  • Cisco – NX-OS
  • Oracle MySQL

Have questions about the CIS Benchmark development process, how you can contribute, or how to get involved? Reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.