CIS Logo
tagline: Confidence in the Connected World

CIS Hardened Images Built on Google Shielded VMs

Google Cloud announced general availability of its Shielded VMs (virtual machines) at a breakout session during the Google Cloud Next ‘19. CIS Hardened Images, built on Shielded VM base images by Google Cloud, make working on GCP even safer and more secure than ever.

What are Shielded VMs?

Shielded VMs are hardened by a set of security controls that help defend against rootkits and bootkits. Enable Shielded VMs on Google Cloud to:

  • Protect VMs against advanced threats
  • Ensure workloads are trusted and verifiable
  • Protect secrets against exfiltration and replay
  • Live migration and patching

There is no additional cost for using a Shielded VM on Google Cloud and bring your own (BYO) image licensing is supported.

CIS Hardened Images on Shielded VMs

CIS Hardened Images are virtual machine images that have been preconfigured according to the security recommendations of the CIS Benchmarks. A CIS Hardened Image incorporates all of the security recommendations outlined in the CIS Benchmark applicable to the operating system.


CIS Hardened Images on Google Cloud Platform are now built on Google Cloud’s Shielded VM base images. Using Shielded VMs limits mistakes and ensures your organization is only using supported images. Google Cloud Platform will have a “trusted image” section so you can be sure you’re using images on Shielded VMs. CIS Hardened images are included and a part of these “trusted images.”

CIS Hardened Images available on Shielded VMs include:

  • Windows Server 2012 R2 Datacenter – Level 1 and Level 2
  • Windows Server 2016 Datacenter – Level 1 and Level 2
  • CentOS 7 – Level 1
  • Ubuntu 18.04 LTS – Level 1
  • Red Hat Enterprise Linux 7 – Level 1

Breakout at #GoogleNext19: Harden Your VMs with Shielded Computing

CIS VP of Cybersecurity Solutions Steve Gold spoke at a breakout session during Google Cloud Next 19. He presented on shared security responsibilities between CIS and Google to protect the cloud. Steve also spoke to technical experts, security managers, and cloud infrastructure specialists about the approach CIS takes when it comes to security. He highlighted how the CIS Controls, CIS Benchmarks, and CIS Hardened Images work together to create effective cybersecurity solutions.

ArrowWatch the full session from #GoogleNext19