Secure configurations are a key best practice for limiting an organization’s cyber vulnerabilities. Since systems don’t ship securely, it’s important to review and implement recommended guidance.
The CIS Benchmarks are secure configuration guidelines covering 100+ technologies for 25+ product vendor families. They are the only consensus-based secure configuration guidelines both developed and accepted by government, business, and academia worldwide. CIS Benchmarks are referenced by other frameworks such as PCI DSS, FISMA, HIPAA, and more.
The Center for Internet Security (CIS) has worked with a global community of cybersecurity experts for 20 years to identify, validate, and promote cybersecurity best practices. The CIS Benchmarks security recommendations are released for free in PDF format to help every organization secure their systems and data.
No-cost guidance is also available for cloud technologies through the CIS Foundation Benchmarks.
While these no-cost resources are great, it can be time-consuming and challenging to implement them manually from a PDF. This is why we’ve developed CIS Build Kits. These automated tools provide IT professionals with the option for both a rapid implementation of CIS Benchmark recommendations, along with confirmation that the implementation has been performed correctly.
CIS Build Kits are automated, efficient, repeatable, and scalable resources. They can be applied via the group policy management console in Windows, or through a shell script in Linux (Unix,*nix) environments. They can be tailored (customized) to an organization’s particular use case. Combined with the use of other CIS SecureSuite resources, Build Kits reduce the time to implement.
Here are three of the most important tips for making sure you successfully use Build Kits:
Once you’ve completed these steps you’re ready to deploy in a live environment.
Want to see what Build Kits have to offer? Try a sample CIS Build Kit today and see how easy it is to start secure and stay secure with CIS resources. These sample Build Kits contain a subset of the recommendations within the CIS Benchmark and are not intended to be fully implemented, but rather to provide you a snapshot of what to expect with the full CIS Build Kit. Samples include:
Complete CIS Build Kits are available to CIS SecureSuite Members as part of their Membership, and can be easily downloaded via CIS WorkBench. More than 50 Build Kits are currently available.
Membership includes access to full-format, machine-readable CIS Benchmarks, the CIS-CAT Pro configuration assessment tool with remote assessment capabilities, creation of custom configuration policy via CIS WorkBench, CIS CSAT Pro for assessing implementation of the CIS Controls, and more.
Already a CIS SecureSuite Member? Visit CIS WorkBench and access CIS Build Kits now.