CIS Logo
tagline: Confidence in the Connected World

What’s New in CIS-CAT Pro Assessor 3.0.56 and 4.0.4

CIS-CAT Pro is a configuration assessment tool used by organizations around the world to improve their security posture. CIS-CAT Pro compares a target system’s configurations to the guidelines recommended by CIS Benchmarks™. CIS SecureSuite® Members receive regular updates to CIS-CAT Pro Assessor. Keep reading to learn what’s new in CIS-CAT Pro Assessor 3.0.56 and CIS-CAT Pro Assessor 4.0.4.

Automated assessments against CIS Microsoft Windows 10 Enterprise Release 1803 Benchmark v1.5.0

CIS-CAT Pro Assessor 3.0.56 and 4.0.4 now include the CIS Microsoft Windows 10 Enterprise Release 1803 Benchmark v1.5.0. This release contains updates, more concise profile text. Additionally, 1809 settings applicable in the 1803 release were added. For a complete list of what’s changed, login to CIS Workbench and navigate to the Windows Community Discussion or obtain the latest version of this guide on CIS Workbench in the “downloads” area at https://workbench.cisecurity.org/files.

Scan an entire domain using CIS-CAT Pro Assessor 4.0.4

Just like CIS-CAT Pro Assessor version 3 series, CIS-CAT Pro Assessor 4.0.4 includes new scripts to support users who want to scan target machines that belong to a domain. Scripts are included for Linux and Windows environments. They can scan an entire domain when target machines have access to a network Java instance and CIS-CAT Pro Assessor. This is useful for members who want to use the assessor within a domain instead of remotely connecting to each target.

See the "Assessing Multiple Windows Targets" and "Assessing Multiple Unix/Linux Targets" sections of the User's Guide for more information.

Windows _Centralized_ Network Setup

Improvements in data security

We want you to feel confident your information is protected. CIS-CAT Pro Assessor v4 utilizes sessions and configuration files to store target system information. To help protect sensitive data contained in the files, we’ve added an encryption option. At a command line prompt, you can now encrypt any file using our latest options along with a password. CIS-CAT Pro Assessor 4.0.4 can utilize the encrypted file when the password is provided on use. The assessor process will decrypt the file in memory and use the information in the assessment process. Target credentials for remote connections are never transmitted in clear text and are encrypted in secure channels. Check out the User’s Guide to learn more about this new option.

Already a Member? Login to CIS WorkBench to download the latest version.