New CIS Benchmarks and CIS Hardened Images for Windows Server 2019, Red Hat 8, and More

New versions of technologies are released all the time. How can you keep up with the changes and the impact they might have on security? The Center for Internet Security (CIS) team continuously releases and updates our cybersecurity best practices for new technologies. We recently released new CIS Benchmarks for both Microsoft Windows Server 2019 and Red Hat Enterprise Linux 8. These cybersecurity guidelines for secure configuration, a.k.a. CIS Benchmarks, can help organizations start securely on-prem, or work securely in the cloud through CIS Hardened Images. Keep scrolling to learn how they’re developed.

Step One: Creating CIS Benchmarks for secure configuration recommendations

CIS_Benchmarks_CommunityThe development process for a new CIS Benchmark kicks off with the creation of a new community in CIS WorkBench, our online collaboration platform. These communities are made up of cybersecurity experts from around the world. Using CIS WorkBench, they collaborate to come to a consensus on the cybersecurity best practices to include in the CIS Benchmark for a particular technology. For this particular release, the CIS Benchmarks community discussed recommendations and best practices for Microsoft Windows Server 2019.

Arrow Learn more about CIS Communities

According to Microsoft, the latest edition of Microsoft Windows Server 2019 focuses on the concepts of Hybrid Cloud, Security, Application Platform, and Hyper-Converged Infrastructure (HCI). The community addressed those topics among other features available in the new operating system (OS) in their discussions.

But that’s not all the CIS team and community have been up to. CIS Benchmarks for Red Hat Enterprise Linux 8, CentOS Linux 8 and Oracle Linux 8 were also recently released.

All CIS Benchmarks are available for free PDF download at or directly from CIS WorkBench, if you’re a CIS SecureSuite Member.

Step Two: Creating CIS Hardened Images for security in the cloud

After the new CIS Benchmark for Windows Server 2019 released, the team got to work on the CIS Hardened Image for the same technology. CIS Hardened Images are virtual machine images preconfigured to the security recommendations found in the CIS Benchmarks. They are an “actualization” of the CIS Benchmark for the cloud.


The team has a clearly outlined process for building and quality assurance testing all CIS Hardened Images. A major part of that testing is ensuring that the hardened virtual images meet the applicable recommendations of the corresponding CIS Benchmarks. To corroborate this conformance, the team runs a CIS-CAT Pro (configuration assessment tool created by CIS) scan and includes the report in every CIS Hardened Image for reference.

Take a closer look at the CIS Hardened Images in the video below.



The CIS Hardened Image for Windows Server 2019 is available in the AWS Marketplace, Microsoft Azure Marketplace, and Google Cloud Platform Marketplace. CIS Hardened Images for Red Hat Enterprise Linux 8, CentOS 8, and Oracle Linux 8 will be coming soon!