Virtual Image vs. Hardened Virtual Image
Every day, more and more organizations are moving to the cloud. Shifting from on-premise systems enables greater flexibility and scalability in ever-changing computing workloads. And that can translate to significant fixed cost savings. As with any change, however, cloud computing presents its own challenges — including how to ensure your VM images are secure.
A virtual machine image is a snapshot of a virtual machine used to create a running instance in a virtual environment, and it and provides the same functionality as a physical computer. Virtual images reside in the cloud and enable you to cost-effectively perform routine computing operations without investing in local hardware and software.
When operating in the public cloud, the security of your systems and data is ultimately your responsibility. CIS Hardened Images are designed to harden your operating systems in the cloud.
Hardening limits potential weaknesses that make systems vulnerable to cyber attacks. More secure than a standard image, hardened virtual machine images help protect against denial of service, unauthorized data access, and other cyber threats.
Enhanced Security and Achieving Compliance
CIS Hardened Images are configured according to CIS Benchmark recommendations, which are developed through consensus by a global community of cybersecurity experts.
These recommendations are recognized as a secure configuration standard by the DoD Cloud Computing Security Recommendation Guide (SRG), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), and the National Institute of Standards and Technology (NIST). This recognition also applies to CIS Hardened Images, as their configuration is based on the CIS Benchmarks.
For organizations and industries that want to achieve compliance with Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) standards, CIS offers several CIS Benchmarks mapped to STIG standards. CIS STIG Benchmarks note any DISA STIG recommendations not included in the CIS STIG Benchmarks. From these guidelines, CIS also offers CIS STIG Hardened Images.
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
Virtual Image vs. Hardened Virtual Image
Every day, more and more organizations are moving to the cloud. Shifting from on-premise systems enables greater flexibility and scalability in ever-changing computing workloads. And that can translate to significant fixed cost savings. As with any change, however, cloud computing presents its own challenges — including how to ensure your VM images are secure.
A virtual machine image is a snapshot of a virtual machine used to create a running instance in a virtual environment, and it and provides the same functionality as a physical computer. Virtual images reside in the cloud and enable you to cost-effectively perform routine computing operations without investing in local hardware and software.
When operating in the public cloud, the security of your systems and data is ultimately your responsibility. CIS Hardened Images are designed to harden your operating systems in the cloud.
Hardening limits potential weaknesses that make systems vulnerable to cyber attacks. More secure than a standard image, hardened virtual machine images help protect against denial of service, unauthorized data access, and other cyber threats.
Enhanced Security and Achieving Compliance
CIS Hardened Images are configured according to CIS Benchmark recommendations, which are developed through consensus by a global community of cybersecurity experts.
These recommendations are recognized as a secure configuration standard by the DoD Cloud Computing Security Recommendation Guide (SRG), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), and the National Institute of Standards and Technology (NIST). This recognition also applies to CIS Hardened Images, as their configuration is based on the CIS Benchmarks.
For organizations and industries that want to achieve compliance with Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) standards, CIS offers several CIS Benchmarks mapped to STIG standards. CIS STIG Benchmarks note any DISA STIG recommendations not included in the CIS STIG Benchmarks. From these guidelines, CIS also offers CIS STIG Hardened Images.
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
The main benefit of CIS Hardened Images is that the secure configurations have already been done for you.
But that's not all…

Configured to CIS Benchmarks
Conform to recommended cybersecurity best practices developed and reviewed by experts around the world.

Help you stay secure
Help mitigate common threats like malware, denial of service, insufficient authorization, and overlapping trust boundary threats.

Avoid Misconfigurations
We build these images with third-party automation. Utilizing these hardened VM images helps to avoid misconfiguration and other instances of human error that are common with manual hardening.

Offers Evidence of Compliance
Each CIS Hardened Image contains the final CIS-CAT Pro Assessor report that illustrates its compliance with the CIS Benchmarks. It also includes any exceptions necessary for that Hardened Image to run in the cloud. This report is integral to providing evidence of compliance on the spot.

Regularly Patched
Not only does CIS perform the initial hardening, but we also update our Hardened Images monthly.

Cost-Effective
You can eliminate upfront investments in hardware with a cost-effective option to harden your VM images at just $0.02 per compute hour.
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
AWS Marketplace
CIS has partnered with AWS to offer CIS Hardened Images on AWS Marketplace, the AWS GovCloud (U.S.) region, and the AWS Intelligence Community. Learn more
Azure Marketplace
CIS Hardened Images are available in the Microsoft Azure Marketplace and are Azure-certified. CIS is a Microsoft Partner. Learn more
Google Cloud Platform
Securely configured operating systems are available to spin up from Google Cloud Platform (GCP), where CIS is a partner. Learn more
Oracle Cloud Marketplace
CIS is an Oracle Silver Partner, and CIS Hardened Images are available to deploy on the Oracle Cloud Marketplace. Learn more
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.
CIS Benchmarks and CIS Hardened Images
Start Using CIS Hardened Images
CIS Hardened Images bring the globally recognized secure configuration recommendations of the CIS Benchmarks to the cloud. Securely pre-configured virtual machine images are available to deploy immediately from the major cloud provider marketplaces.