CIS Controls V7 Come to CIS-CAT Pro Dashboard
CIS SecureSuite® Members are receiving an update to CIS-CAT Pro Dashboard in v1.1.5. CIS-CAT Pro Dashboard is the companion tool to CIS-CAT Pro Assessor. It consumes configuration assessment results and charts the results over time, providing users with insight into their overall security posture. With the update, CIS SecureSuite Members can more clearly and quickly see how their assessment results score against the CIS Controls™ best practices. Keep reading to learn what’s new in CIS-CAT Pro Dashboard v1.1.5.
Compare to security best practices
Did you know that you can measure how well your CIS Benchmarks™ are scoring against the CIS Controls? The CIS Controls are best practices that help organizations around the world defend against cyber threats. CIS-CAT Pro Dashboard allows you to view a configuration assessment by the mapped CIS Controls. Mapping displays connections between CIS Controls best practices and specific CIS Benchmark configurations. This helps demonstrate how secure configurations and overall security posture are tied together. CIS-CAT Pro Assessor HTML configuration assessment reports show the same mapping information. The mapping helps you see how very specific configuration settings for each of your target systems support the overall CIS Controls and Sub-Controls. The CIS Controls are a prioritized set of actions that collectively form a defense-in-depth set of best practices that mitigate the most common attacks against systems and networks. This is great information to share with your organization’s stakeholders on how well your organization’s target machines are meeting the CIS Controls!
This update is available to all CIS SecureSuite Members. Membership includes access to CIS-CAT Pro, remediation kits, full-format CIS Benchmarks, and more.
Already a Member? Login to CIS WorkBench to download the latest version.
So…what’s new exactly?
You'll find CIS Controls V7 cross-references to CIS Benchmark recommendations to be more direct and granular to the CIS Sub-Controls. Where available, CIS Controls V7 mapping to CIS Benchmark recommendations will now show in the CIS-CAT Pro Configuration Assessment Reports and CIS-CAT Pro Dashboard views. CIS-CAT Pro Dashboard provides users an ability to toggle between CIS Controls V6.1 and V7:
- CIS Benchmarks that are available in CIS-CAT Pro Assessor and were previously mapped to CIS Controls V6.1 will retain those mappings. When new versions of these existing CIS Benchmarks are released, they will be mapped to CIS Controls V7.
- Future CIS Benchmarks offered through CIS-CAT Pro Assessor will be mapped to the latest version of the CIS Controls.
View the list of platforms that are currently mapped to the CIS Controls.
Set your preference for CIS Controls V6.1 or V7
Within CIS-CAT Pro Dashboard, find the complete list of CIS Controls V6.1 and V7 under Supporting Data and CIS Controls. Set your preferred CIS Controls default view in the CIS-CAT Pro Dashboard System Settings.
Select an assessment from the Reports -> Assessment Results Search or Assessment Results List and then select the CIS Controls version to view. The CIS Controls version tab will show the selected CIS Controls and the recommendations that have been mapped. Recommendation mapping occurs during the CIS Benchmark update and creation process as part of the community effort. Not all Benchmarks will be mapped to a CIS Control. Only the latest CIS Benchmark versions will be mapped to CIS Controls V7.
Below is an example of a CIS-CAT Pro Configuration Assessment Report in HTML format for a CIS Benchmark with more than one version of CIS Controls mapping.