CIS Debuts New Benchmarks, Hardened Images at AWS re:Invent
CIS launches new STIG compliant Benchmark and Hardened Image for Red Hat Enterprise Linux 7
LAS VEGAS, Dec. 2, 2019 –The Center for Internet Security, Inc. (CIS®) launched a new Department of Defense (DoD) STIG compliant CIS Benchmark and Hardened Image for Red Hat Enterprise Linux 7, along with several other new Hardened Images for Microsoft Server 2019 today at AWS re:Invent 2019 in Las Vegas, Nevada.
Security Technical Implementation Guides (STIGs) are the configuration standards for DoD Information Assurance (IA) and IA-enabled devices and systems. STIGs contain technical guidance to “lock down” information systems and software that might otherwise be vulnerable to a malicious cyber-attack.
With the launch of the CIS Red Hat Enterprise Linux, organizations can rely on CIS Benchmarks™ and Hardened Images for STIG compliance. The new CIS Benchmark recommendations map to the STIG when applicable, and includes the remaining STIG and CIS recommendations that do not map to each other.
The CIS STIG Hardened Image maps from an existing version of the CIS RHEL 7 Benchmark. CIS will update this STIG compliant Hardened Image every month, and expand coverage with new STIG compliant images based on feedback from stakeholders.
“The result is an image that meets both the CIS Benchmark and the DoD STIG configuration,” said Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group. “As a result, when customers are applying CIS Benchmarks and need to be STIG compliant, they’ll be able to understand where their gaps are quickly.”
Along with today’s launch, CIS is also pleased to announce new CIS Hardened Images® for Windows Server 2019. Additional Hardened Images for Red Hat Enterprise Linux 8, CentOS 8, and Oracle Linux 8 will be released in the coming weeks. These new Hardened Images will be available on major cloud platforms, including the AWS Marketplace.
AWS Marketplace offers more than 24 CIS Hardened Images in all regions including the GovCloud (U.S.) regions and AWS for the Intelligence Community. CIS Hardened Images, purchased through the AWS Marketplace have had more than 200 million hours of usage to date this year.
“CIS is pleased to announce the launch of these new additional Hardened Images to support the increasing demand we’re seeing in the cloud marketplace for secure computing environments,” said Dukes.
CIS Hardened Images map to the CIS Benchmarks, a set of vendor agnostic, internationally recognized secure configuration guidelines. CIS Hardened Images provide users a secure, on-demand, and scalable computing environment. They are available from major cloud computing platforms including AWS.
Please join the CIS team at AWS re:Invent this week to learn more about our cybersecurity best practices, products, and services. You can meet us at booth #1807.
CIS is a forward-thinking, nonprofit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls® and CIS Benchmarks are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. State, Local, and Territorial elections offices. To learn more, visit www.CISecurity.org or follow us on Twitter: @CISecurity.