When operating in the public cloud, the security of your systems and data is ultimately your responsibility. CIS Hardened Images offer built-in secure configuration and compliance with guidance you can trust. They are configured to follow the recommendations of the globally-recognized CIS Benchmarks™, which are the only consensus-based, vendor-agnostic, best-practice security configuration guides both developed and accepted through consensus by government, business, industry, and academia.
Virtual Image vs. Hardened Virtual Image
Virtual machine images offer the same functionality as a physical computer, but off a snapshot of a running instance in a virtual environment. They reside in the cloud and enable you to cost-effectively perform routine computing operations without investing in local hardware and software.
Hardened virtual images offer extra security in the cloud by limiting potential weaknesses that make systems vulnerable to cyber attacks. They help protect against denial of service, unauthorized data access, and other cyber threats.
Enhanced Security and Achieving Compliance
CIS Benchmarks recommendations are designed to support your enterprise’s overall security against cyber attacks, and they map to the CIS Critical Security Controls® (CIS Controls®).
CIS Benchmarks are recognized as a secure configuration standard by:
- DoD Cloud Computing Security Recommendation Guide (SRG)
- Payment Card Industry Data Security Standard (PCI DSS)
- Federal Information Security Management Act (FISMA)
- Federal Financial Institutions Examination Council (FFIEC)
- Federal Risk and Authorization Management Program (FedRAMP)
- National Institute of Standards and Technology (NIST)
- National Checklist Program Repository
This recognition also applies to CIS Hardened Images, as their configuration is based on the CIS Benchmarks. A 2023 Gartner report found that “[u]sing hardened images significantly improves cloudsecurity by ensuring that virtual machine images adhere to the highest security standards from the start.” According to Gartner, this “helps in minimizing vulnerabilities and ensures compliance with industry benchmarks, making cloud deployments more secure and reliable."
For organizations and industries that want to achieve compliance with Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) standards, CIS offers several CIS Benchmarks mapped to STIG standards. CIS STIG Benchmarks note any DISA STIG recommendations not included in the CIS STIG Benchmarks. From these guidelines, CIS also offers CIS STIG Hardened Images.
Learn More about CIS STIG Hardened Images
Support Clients with an Elevated Level of Cloud Security
In our CIS Hardened Images Reseller Program, we work with managed service providers (MSPs), managed security service providers (MSSPs), and IT consultants to sell CIS Hardened Images to their clients as part of what they already offer. This enables service providers to deliver built-in, cloud-based security configurations as additional value to their clients.
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
When operating in the public cloud, the security of your systems and data is ultimately your responsibility. CIS Hardened Images offer built-in secure configuration and compliance with guidance you can trust. They are configured to follow the recommendations of the globally-recognized CIS Benchmarks™, which are the only consensus-based, vendor-agnostic, best-practice security configuration guides both developed and accepted through consensus by government, business, industry, and academia.
Virtual Image vs. Hardened Virtual Image
Virtual machine images offer the same functionality as a physical computer, but off a snapshot of a running instance in a virtual environment. They reside in the cloud and enable you to cost-effectively perform routine computing operations without investing in local hardware and software.
Hardened virtual images offer extra security in the cloud by limiting potential weaknesses that make systems vulnerable to cyber attacks. They help protect against denial of service, unauthorized data access, and other cyber threats.
Enhanced Security and Achieving Compliance
CIS Benchmarks recommendations are designed to support your enterprise’s overall security against cyber attacks, and they map to the CIS Critical Security Controls® (CIS Controls®).
CIS Benchmarks are recognized as a secure configuration standard by:
- DoD Cloud Computing Security Recommendation Guide (SRG)
- Payment Card Industry Data Security Standard (PCI DSS)
- Federal Information Security Management Act (FISMA)
- Federal Financial Institutions Examination Council (FFIEC)
- Federal Risk and Authorization Management Program (FedRAMP)
- National Institute of Standards and Technology (NIST)
- National Checklist Program Repository
This recognition also applies to CIS Hardened Images, as their configuration is based on the CIS Benchmarks. A 2023 Gartner report found that “[u]sing hardened images significantly improves cloudsecurity by ensuring that virtual machine images adhere to the highest security standards from the start.” According to Gartner, this “helps in minimizing vulnerabilities and ensures compliance with industry benchmarks, making cloud deployments more secure and reliable."
For organizations and industries that want to achieve compliance with Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) standards, CIS offers several CIS Benchmarks mapped to STIG standards. CIS STIG Benchmarks note any DISA STIG recommendations not included in the CIS STIG Benchmarks. From these guidelines, CIS also offers CIS STIG Hardened Images.
Learn More about CIS STIG Hardened Images
Support Clients with an Elevated Level of Cloud Security
In our CIS Hardened Images Reseller Program, we work with managed service providers (MSPs), managed security service providers (MSSPs), and IT consultants to sell CIS Hardened Images to their clients as part of what they already offer. This enables service providers to deliver built-in, cloud-based security configurations as additional value to their clients.
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
The main benefit of CIS Hardened Images is that the secure configurations have already been done for you. But that's not all. Here's how else they can help you.
Comply with the CIS Benchmarks
Conform to recommended cybersecurity best practices developed and reviewed by experts around the world.
Save Time and Effort Staying Secure
Enjoy peace of mind that your VM images are optimally configured to defend against malware, denial of service, insufficient authorization, and overlapping trust boundary threats.
Avoid Misconfigurations
We build these images with third-party automation. Utilizing these hardened VM images helps to avoid misconfiguration and other instances of human error that are common with manual hardening, which are responsible for nearly 60% of all data breaches according to Gartner's 2023 Cloud Security Report.
Want to learn more about how you can use CIS Hardened Images to minimize misconfigurations? Check out our video below.
Offers Evidence of Compliance
Each CIS Hardened Image contains the final CIS-CAT Pro Assessor report that illustrates its compliance with the CIS Benchmarks. It also includes any exceptions necessary for that Hardened Image to run in the cloud. This report is integral to providing evidence of compliance on the spot.
Forego Manual Hardening
Each CIS Hardened Image comes with an out-of-the-box configuration report that shows the configuration of the base OS prior to CIS's hardening. This saves you money, time, and resources when you need to obtain and provide detailed insights into the applied secure configurations.
Complement Your Cybersecurity Architecture
By incorporating CIS Hardened Images into your Infrastructure-as-a-Service (IaaS) architecture and strategy, you can support identity and access management, network traffic protection, and other aspects of your cybersecurity architecture essential for creating a comprehensive approach to cloud security posture management (CSPM).
Stay up to Date Month to Month
Not only does CIS perform the initial hardening, but we also update our Hardened Images monthly.
Make the Most of Your Cloud Security Budget
Eliminate upfront investments in hardware with a cost-effective option to harden your VM images. CIS Hardened Images range from $0.01-$0.06 per compute hour on AWS, Azure, and GCP, and $0.025 on OCI.
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
AWS Marketplace
CIS has partnered with AWS to offer CIS Hardened Images on AWS Marketplace, the AWS GovCloud (U.S.) region, and the AWS Intelligence Community. Learn more
Azure Marketplace
CIS Hardened Images are available in the Microsoft Azure Marketplace and Azure Government Marketplace, and are Azure-certified. CIS is a Microsoft Intelligent Security Association (MISA) member. Learn more
Google Cloud Platform
Securely configured operating systems are available to spin up from Google Cloud Platform (GCP), where CIS is a partner. Learn more
Oracle Cloud Marketplace
CIS is an Oracle partner, and CIS Hardened Images are available to deploy on the Oracle Cloud Marketplace. Learn more
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
CIS Benchmarks and CIS Hardened Images
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
