CIS Hardened Images
CIS offers virtual images hardened in accordance with the CIS Benchmarks, a set of vendor agnostic, internationally recognized secure configuration guidelines. CIS Hardened Images provide users a secure, on-demand, and scalable computing environment. They are available from major cloud computing platforms like AWS, Azure, Google Cloud Platform, and Oracle Cloud.
AWS Marketplace
Also on AWS GovCloud
Learn more Launch on AWSAzure Marketplace
Also on Azure Government
Learn more Deploy on AzureGoogle Cloud Platform
Learn more Deploy on GCPOracle Cloud Marketplace
Learn more Launch on Oracle CloudVirtual Image vs. Hardened Virtual Image
A virtual image is a snapshot of a virtual machine (VM) used to create a running instance in a virtual environment, thus providing the same functionality as a physical computer. Virtual images reside on the cloud and let you cost-effectively perform routine computing operations without investing in local hardware and software.
Hardening is a process of limiting potential weaknesses that make systems vulnerable to cyber attacks. More secure than a standard image, hardened virtual images reduce system vulnerabilities to help protect against denial of service, unauthorized data access, and other cyber threats.
Secure Configuration Standards
CIS Hardened Images are configured according to CIS Benchmark recommendations, which are developed through consensus by a global community of cybersecurity experts.
These recommendations are recognized by the DoD Cloud Computing Security Recommendation Guide (SRG), Payment Card Industry Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Federal Risk and Authorization Management Program (FedRAMP), and the National Institute of Standards and Technology (NIST) as a secure configuration standard. This recognition also applies to CIS Hardened Images as their configuration is based on the CIS Benchmarks.
For organizations and industries that require compliance to Security Technical Implementation Guide (STIG) standards, CIS has mapped the CIS Benchmark to STIG standards, when applicable, and includes the remaining STIG and CIS recommendations that don’t map to each other.
Benefits of CIS Benchmark-Hardened Images
Configured to CIS BenchmarksConform to recommended cybersecurity best practices developed and reviewed by experts around the world and include CIS-CAT Pro conformance and exception reports. |
Stay SecureCIS Hardened Images help mitigate the common threats of denial of service, insufficient authorization, and overlapping trust boundaries threats. |
Reduce CostVirtual images are a flexible, on-demand computing solution that saves time and money on hardware purchasing, software licensing, and maintenance. |
Other CIS Cloud Security Resources
CIS offers consensus-driven security guidance on the following cloud software.CIS Foundations Benchmarks
Free configuration guidance to secure AWS, Azure, GCP, Oracle Cloud, IBM Cloud, and Alibaba Cloud accounts. Download nowCIS Cloud Services Benchmarks
Some public cloud services require extensive guidance, like Kubernetes. Access free guidelines for EKS, OKE, GKE, and ACK. Download a CIS Kubernetes BenchmarkCIS Product Benchmarks
Using other cloud services? CIS provides free guidance for services grouped by cloud product. Access the first release of CIS Cloud Product Benchmarks. Download CIS AWS End User Compute Services BenchmarkWhat People are Saying:
"Based on the value, time and costs saving, I would not consider spinning up a AWS server without adding the CIS security to it for any production-level instance."
- V.P. Application Lifecycle Management CorTechs, Inc.
Partner with CIS to Resell CIS Hardened Images
CIS Hardened Images are available for Cloud Reseller Partners in AWS, Azure, and GCP Marketplaces. Request information and connect with our Cloud Channel Team.
