Wrap up: CIS Benchmarks Prevalent at AWS re:Invent 2018

AWS re:Invent took Las Vegas by storm again this November, bringing together cybersecurity industry leaders to discuss and develop the leading edge of cloud technology. CIS® was featured in a number of presentations and announcements at this year’s sessions. We’re sharing links to those slide decks with you so you can learn more about how the CIS Benchmarks™ are integrated into AWS products. Discover how you can secure and harden cloud environments with CIS’ consensus-developed resources.

Cloud Security & CIS Benchmarks

Just like traditional computers, virtual machines need to be secured. CIS provides free PDF guidelines for securing 140+ platforms – including cloud environments – called CIS Benchmarks. The CIS Benchmarks are a robust, consensus-based standard for hardening servers, operating systems, and popular software.

CIS, AWS, and other volunteers worked together to create the CIS Benchmark for AWS Foundations. It contains recommendations for securing the AWS environment and has been integrated into AWS products. Here are some of the presentations that mentioned the CIS Benchmark for AWS Foundations:

Improve your Security Posture with AWS CloudFormation


See slides 21-26 for more information about the CIS Benchmark for AWS Foundations and how to deploy the recommendations with AWS CloudFormation. It provides a common language for you to describe and provision all the infrastructure resources in your cloud environment using a simple text file.

re:Invent slide 

GDPR Readiness and Management (SEC206-R1)


The CIS Benchmark for AWS Foundations is referenced on slide 20 as a starting point for complying with GDPR on AWS. CIS has additional resources about how to start on the path to GDPR compliance.

re:Invent GDPR slide

Introduction to AWS Security Hub (SEC397)


re:Invent Security Hub slide

AWS announced AWS Security Hub which can be used to quickly assess high-priority security alerts and compliance status across AWS accounts. CIS is mentioned on slide 14 to explain how the CIS Benchmark for AWS Foundations helps with compliance checks.

Automate & Audit Cloud Governance & Compliance in Your Landing Zone


CIS Benchmarks are listed on slides 9 and 93 as resources for helping meet compliance standards while working on AWS. You can view our mappings and compliance page to learn more about how CIS resources can help you comply with various frameworks.

re:Invent Cloud Compliance slide

How Snap Accomplishes Centralized Security and Configuration Governance on AWS (SEC350)


The CIS Benchmark is called out on slide 7 of this presentation about governance at scale. Again, the CIS Benchmark for AWS Foundations is referenced by AWS.

re:Invent AWS Foundations Benchmark slide

AWS Marketplace for Containers

Last but not least, a big announcement at AWS re:Invent was the new AWS Marketplace for Containers. CIS was a launch partner at the event, releasing our first CIS Hardened Image for Docker containers. Learn more about the announcement from AWS via this slideshare. You might also want to read this blog post to learn more about the CIS Hardened Image for Ubuntu 16.04 on Docker.

The Future of Cloud Security

Each year, AWS re:Invent brings us to the cutting edge of the cloud. CIS is proud to be a part of that journey. We’re excited to see what next year will bring – and how we can help secure it together. In the meantime, you can start secure on AWS by downloading the free PDF below.