New Hardened macOS 11 & 10.15 VMs in AWS Marketplace

Apple users rejoice! CIS Hardened Images for macOS Big Sur (11) and Catalina (10.15) are now available in Amazon Web Services (AWS) Marketplace. These CIS Hardened Images are the first independently-developed offering for macOS Amazon machine images (AMIs) in AWS Marketplace.

CIS Hardened Images, pre-configured virtual machine images, provide an additional layer of security to AMIs. You can have added trust in your AMIs the enhanced security from CIS Hardened Images for macOS 11 and 10.15.

The AWS Marketplace macOS Option: CIS Hardened Images

These CIS Hardened Images are the first offering for macOS AMIs in AWS Marketplace. They’re built to the configuration guidance of the CIS Benchmarks. CIS Benchmarks are internationally-recognized secure configuration guidelines. Experienced security practitioners curate these best practices to help assess and improve cybersecurity. In addition to the guidance of these experts, AWS participates in the development of CIS Benchmarks.

Access the newly released CIS Hardened Images for macOS:

Why Use a CIS macOS Hardened Image?

CIS Hardened Images offer security to protect against malware, insuffi­cient authorization, and remote intrusion. Using the CIS Hardened Images, IT professionals can:
  • Deploy pre-configured AMIs across networks – Administrators can feel confident knowing that the images conform to the CIS Benchmarks.
  • Eliminate upfront investments – Avoid hardware purchasing, software licensing, secure configuration, and maintenance by working securely in the cloud.
  • Easily audit their AMIs – Every CIS Hardened Image includes an assessment report from our configuration assessment tool, CIS-CAT Pro.
The CIS-CAT Pro reports show conformance to the CIS Benchmark. A README text file accompanies this report. It details any exceptions necessary for that CIS Hardened Image to run in the cloud.
CIS builds new versions of CIS Hardened Images any time there is an update to the corresponding CIS Benchmark. Also, CIS patches all CIS Hardened Images monthly for vulnerabilities.

CIS Hardened Images Help with PCI DSS Compliance

Meeting the requirements of compliance frameworks can be challenging. Luckily, a variety of compliance frameworks, including Payment Card Industry Data Security Standard (PCI DSS), recognize CIS Benchmarks as an acceptable standard to help meet compliance.

Because financial institutions often store, process, and transmit cardholder data, meeting the requirements of PCI DSS is crucial to a secure environment. However, ensuring compliance to these frameworks is time consuming. That’s where the CIS Hardened Images conforming mapping to CIS Benchmarks is beneficial. PCI DSS Requirement 2.2 points directly to the CIS Benchmarks:

2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry accepted system hardening standards. Sources of industry-accepted system hardening standards may include, but are not limited to: Center for Internet Security (CIS), International Organization for Standardization (ISO), SysAdmin Audit Network Security (SANS), Institute National Institute of Standards Technology (NIST).

Because CIS builds these hardened VMs to CIS Benchmark standards, this recognition extends to CIS Hardened Images as well. CIS Hardened Images can help IT professionals not only secure their enterprise cloud infrastructure, but also provide evidence to support compliance towards common frameworks, like PCI DSS.