CIS Hardened Images

CIS offers virtual images hardened in accordance with the CIS Benchmarks, a set of vendor agnostic, internationally recognized secure configuration guidelines. CIS Hardened Images provide users a secure, on-demand, and scalable computing environment. They are available from major cloud computing platforms like AWS, Azure, Google Cloud Platform, and Oracle Cloud.

AWS Marketplace

Also on AWS GovCloud
Learn more Launch on AWS

Azure Marketplace

Also on Azure Government
Learn more
Deploy on Azure

Google Cloud Platform

Learn more
Deploy on GCP

Oracle Cloud Marketplace

Learn more
Launch on Oracle Cloud

Virtual Image vs. Hardened Virtual Image

A virtual image is a snapshot of a virtual machine (VM) used to create a running instance in a virtual environment, thus providing the same functionality as a physical computer. Virtual images reside on the cloud and let you cost-effectively perform routine computing operations without investing in local hardware and software.

Hardening is a process of limiting potential weaknesses that make systems vulnerable to cyber attacks. More secure than a standard image, hardened virtual images reduce system vulnerabilities to help protect against denial of service, unauthorized data access, and other cyber threats.

Secure Configuration Standards

CIS Hardened Images are configured according to CIS Benchmark recommendations, which are developed through consensus by a global community of cybersecurity experts.

These recommendations are recognized by the DoD Cloud Computing Security Recommendation Guide (SRG), Payment Card Industry Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Federal Risk and Authorization Management Program (FedRAMP), and the National Institute of Standards and Technology (NIST) as a secure configuration standard. This recognition also applies to CIS Hardened Images as their configuration is based on the CIS Benchmarks.

For organizations and industries that require compliance to Security Technical Implementation Guide (STIG) standards, CIS has mapped the CIS Benchmark to STIG standards, when applicable, and includes the remaining STIG and CIS recommendations that don’t map to each other.

Benefits of CIS Benchmark-Hardened Images

Configured to CIS Benchmarks

Conform to recommended cybersecurity best practices developed and reviewed by experts around the world and include CIS-CAT Pro conformance and exception reports.

Stay Secure

CIS Hardened Images help mitigate the common threats of denial of service, insufficient authorization, and overlapping trust boundaries threats.

Reduce Cost

Virtual images are a flexible, on-demand computing solution that saves time and money on hardware purchasing, software licensing, and maintenance.

Need more info? Check out our CIS Hardened Images FAQ

CIS Hardened Images

Other CIS Cloud Security Resources

CIS Foundations Benchmarks

Free configuration guidance to secure AWS, Azure, GCP, Oracle Cloud, IBM Cloud, and Alibaba Cloud accounts. Download now

CIS Cloud Services Benchmarks

Some public cloud services require extensive guidance, like Kubernetes. Access free guidelines for EKS, OKE, GKE, and ACK. Download a CIS Kubernetes Benchmark

CIS Product Benchmarks

Using other cloud services? CIS provides free guidance for services grouped by cloud product. Access the first release of CIS Cloud Product Benchmarks. Download CIS AWS End User Compute Services Benchmark

Partner with CIS to Resell CIS Hardened Images

CIS Hardened Images are available for Cloud Reseller Partners in AWS, Azure, and GCP Marketplaces. Request information and connect with our Cloud Channel Team.

Connect with CIS Cloud Channel Team