CIS Benchmarks November 2020 Update

CIS-Benchmarks

This month brings several new CIS Benchmarks as well as new guidance for teleconferencing. These CIS Benchmark releases would not have been possible without the time and contributions from the community contributors through the form of tickets, comments, and joining our community calls. Thank you to those who volunteer.

CIS Teleconferencing Security Guide

This new guide describes the shared responsibilities and configuration recommendations for individuals and IT departments, regardless of which specific platform is used.

Learn more and download the guide

CIS Zoom Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for Zoom video teleconference software.

Special thanks to Vittal Sher and Todd Lamonthe for their work in developing this initial release.

Download the CIS Zoom Benchmark v1.0.0 PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Apache HTTP 2.4 Benchmark v2.0.0

Prescriptive guidance for establishing a secure configuration posture for Apache HTTP Server 2.4. This guide was tested against Apache HTTP Server 2.4.

Special thanks to Ralph Durkee as well as members of the Community who participated in general and ticket-specific discussions to update this CIS Benchmark.

Download the CIS Apache HTTP 2.4 v2.0.0 Benchmark PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Apple macOS 10.13 Benchmark v1.1.0

Prescriptive guidance for establishing a secure configuration posture for Apple macOS 10.13. This guide was tested against Apple macOS 10.13.

Special thanks to Ron Colvin and William Harrison for their work to update this CIS Benchmark.

Download the CIS Apple macOS 10.13 Benchmark v1.1.0 PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS ISC BIND DNS Server 9.11 Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for the ISC BIND DNS Server version 9.11 running on Linux. This guide was tested using BIND version 9.11 installed from rpm packages on CentOS Linux 8.1.

Special thanks to Ralph Durkee for his work on this release.

Download the CIS ISC BIND DNS Server 9.11 Benchmark v1.0.0 PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Microsoft Azure Foundations Benchmark v1.2.0

Prescriptive guidance for establishing a secure baseline configuration for Microsoft Azure. This update contains many changes that can be viewed in the changelog, but here are a few to note:

  • New recommendations for Azure Security Center (ASC) policies
  • New recommendations for using customer managed encryption keys
  • Restructure of the database services section to make it easier to use
  • Removal of multiple recommendation for features that have been deprecated
  • Updated recommendations for the redesignated Azure Defender settings
  • Updated multiple audit and remediation steps to align with change in the console/GUI
  • Updated reference link in multiple recommendations

The scope of this CIS Benchmark is to establish the foundation level of security for anyone adopting Microsoft Azure Cloud. The Benchmark is not, however, an exhaustive list of all possible security configurations and architecture. You should take the Benchmark as a starting point and do the required site-specific tailoring wherever needed and when it is prudent to do so.

Download the CIS Microsoft Azure Foundations Benchmark v1.2.0 PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Microsoft Edge Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for Microsoft Edge Browser, also known as Microsoft Edge for Business. This guide was tested against Microsoft Edge v85 on the Windows 10 Release 2004 operating system.

Special thanks to Brian Engleman, William Ferguson, Johannes Goerlich, and Daniel Jasiak.

Download the CIS Microsoft Edge Benchmark v1.0.0 PDF (scroll down to Microsoft Web Browser)

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Ubuntu 18.04 LXD Container Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for LXD containers using the Ubuntu 18.04 LTS container image.

Thank you to all of the editors that helped complete this process and create the initial release.

Download the CIS Ubuntu 18.04 LXD Container Benchmark v1.0.0 PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Ubuntu Linux 18.04 LXD Host Benchmark v1.0.0

Prescriptive guidance for establishing a secure configuration posture for Ubuntu Linux LXD 18.04 systems running on x86 and x64 platforms.

Download the CIS Ubuntu 18.04 LXD Host Benchmark v1.0.0 PDF

CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.

CIS Build Kits

For CIS SecureSuite Members Only: Download the newest CIS Build Kits to help you automate configuring your system to be in conformance with the associated CIS Benchmark. It's recommended to view the documentation and use in a test environment before deploying in production. Build Kits are available to Members in CIS WorkBench.

CIS_Benchmarks_Community

Get Involved: Volunteers Needed

Get involved in our community consensus process by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We're looking for contributors for the following technologies:

  • Apple iOS - Draft available for review
  • Cisco NX-OS
  • Oracle MySQL
  • Juniper

Have questions about the CIS Benchmark development process, how you can contribute, or how to get involved? Reach out to us at benchmarkinfo@cisecurity.org. You can also learn more on the CIS Benchmarks Community page.