HomeInsightsBlog PostsCIS Benchmarks April 2023 Update

CIS Benchmarks April 2023 Update

CIS-Benchmarks

The following CIS Benchmarks have been updated or recently released. We've highlighted the major updates below. Each Benchmark includes a full changelog that references all changes.

New CIS Benchmarks Released in April

New CIS AWS Compute Services Benchmark v1.0.0

This new Benchmark is part of a continuing effort to create recommendations for the many services offered by cloud service providers (CSPs).

The services covered in this new 'Service Category Benchmark' include the following:

  • Amazon Elastic Cloud Compute (EC2)
  • Amazon Lightsail
  • AWS Lambda
  • AWS Batch
  • AWS Elastic Beanstalk
  • AWS Serverless Application Repository
  • AWS Outposts
  • EC2 Image Builder
  • AWS App Runner
  • AWS SimSpace Weaver

Thanks to the CIS Amazon Web Services community for contributing to the development of this Benchmark! Special thanks go to Greg Carpenter and Michelle Peterson for all of their effort in authoring this Benchmark and to Jason Kao for their contributions.

Download the CIS Amazon Web Services Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

New CIS MariaDB 10.6 Benchmark v1.0.0

Here are some highlights of the work that was done to produce this Benchmark:

  • Initial release
  • Added new recommendations
  • Mapping to CIS Critical Security Controls v8

A huge thank you to CIS MariaDB Community for making this happen. Special thanks go to David Fuente.

Download the CIS MariaDB Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

New CIS Microsoft SQL Server 2022 Benchmark v1.0.0

Some highlights include:

  • Initial release
  • Mapping to CIS Critical Security Controls v8
  • Excluded "use master" in T-SQL scripts when it is not needed
  • Added two new audit actions for SQL Server Audit
  • Updated T-SQL scripts

A huge thank you to the CIS Microsoft SQL Server Community for making this happen.

Download the CIS Microsoft SQL Server Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Benchmarks Updated in March

Updated CIS Google Workspace Foundations Benchmark v1.1.0

Here are some highlights of the work that was done to produce this Benchmark:

  • 44 new recommendations
  • Improved document organization more closely following the Google Admin UI
  • Mapping to CIS Critical Security Controls v8

Thanks to the entire CIS Google Workspace Community for helping with this effort. Special thanks go to Jason Inks, Shelby Kiger, and Rex Farabee.

Download the CIS Google Workspace Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS PostgreSQL 14 Benchmark v1.1.0

Here are some highlights of the work we did to update this Benchmark:

  • Revised audit and remediation procedures for 11 recommendations
  • Removed one recommendation requiring configuration files be stored outside of the data cluster
  • Changed remediation procedures for the `set_user` plugin to installing a via package, thus removing the need for a compiler on the system

Thanks to the entire CIS PostgreSQL Community for helping with this effort. Special thanks go to Doug Hunley and Crunchy Data for their continued contributions!

Download the CIS PostgreSQL Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS Microsoft Windows 10 Enterprise Benchmark v2.0.0

Here is a brief glimpse of what we did to improve the value of this Benchmark:

  • Analyzed over 80 new settings and services
  • Added 21 new security settings
  • Updated four settings
  • Removed one setting
  • Moved one setting (section change)
  • Moved, added, and removed sections due to updated ADMX templates

A huge thank you to the CIS Windows Community and Windows Team for making this happen. Special thanks go to Haemish Edgerton.

Download the CIS Microsoft Windows Desktop Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS Microsoft Windows 11 Enterprise Benchmark v2.0.0

Here is a brief glimpse of what we did to improve the value of this Benchmark:

  • Analyzed over 80 new settings and services
  • Added 27 new security settings
  • Updated four settings
  • Removed one setting
  • Moved one setting (section change)
  • Moved, added, and removed sections due to updated ADMX templates

A huge thank you to the CIS Windows Community and Windows Team for making this happen. Special thanks go to Haemish Edgerton.

Download the CIS Microsoft Windows Desktop Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS Apple iOS 16 and iPadOS 16 Benchmark v1.1.0

Here are some highlights of the work that we did to produce this Benchmark:

  • Added support for iPadOS 16.0
  • Added additional guidance for educational institutions
  • Updated several recommendations to give more comprehensive guidance

A huge thank you to the CIS Apple iOS Community for making this Benchmark happen. Special thanks go to Pierluigi Falcone and Ron Colvin.

Download the CIS Apple iOS Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS Kubernetes Benchmark v1.7.0

Here are some highlights of the work that was done:

  • Added support for Kubernetes v1.25
  • Addressed and removed obsolete recommendations and configuration settings
  • Resolved all other open bugs reported 

A huge thank you to the CIS Kubernetes Community for making this Benchmark happen. Special thanks go to to Rory McCune, Joe Bowbeer, and Liz Rice.

Download the CIS Kubernetes Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS VMware ESXi 7.0 Benchmark v1.2.0

Here are some highlights of the work that we did to update this Benchmark:

  • Updated and added numerous audit procedures
  • Updated recommendations to reflect new or changed default settings
  • Resolved false positives and all other open bugs reported 

A huge thank you to the CIS VMware Community for making this Benchmark happen. Special thanks go to Greg Carpenter, Matthew Reagan, and Sallie Ahlert.

Download the CIS VMware Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

Updated CIS VMware ESXi 6.7 Benchmark v1.3.0

Here are some highlights of the work that was done:

  • All bugs reported have been resolved
  • Many more PowerCLI command options have been added
  • Additional scan artifacts have been added to enhance automation

A huge thank you to the CIS VMware Community for making this Benchmark happen. Special thanks go to Greg Carpenter, Matthew Reagan, and Sallie Ahlert.

Download the CIS VMware Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

 

 

Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We're looking for contributors for the following technologies:


If you're interested, please reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.

Related Resources