CIS Logo
tagline: Confidence in the Connected World

CIS Hardened Image Compute Hours Increased Almost 50 Percent from 2018-2019

Userbase in AWS Marketplace Grows by More Than 80 Percent in 2019

EAST GREENBUSH, N.Y., Mar. 4, 2020 – CIS Hardened Images® consumers clocked more than 300 million computed usage hours in 2019; up from over 160 million in 2018. CIS Hardened Images provide users a secure, on-demand, and scalable computing environment and are currently available on Amazon Web Services (AWS) Marketplace, AWS GovCloud (U.S. Region), and AWS for the U.S. Intelligence Community (IC); Microsoft Azure Marketplace, Microsoft Azure Government Marketplace; Google Cloud Platform (GCP) Marketplace; and, Oracle Cloud Marketplace.

“Cloud customers clearly see the value in CIS Hardened Images,” said Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group. “This is evidenced by the continued growth of our userbase in the different cloud service providers.”

CIS Hardened Images are virtual machine images pre-configured to applicable CIS Benchmark recommendations. CIS Benchmarks and their corresponding Hardened Images are used by thousands of organizations for compliance support with DoD Cloud Computing SRG, FedRAMP, PCI DSS, NIST, and HIPAA standards. For organizations and industries that require compliance to Security Technical Implementation Guide (STIG) standards, CIS has mapped the CIS Benchmark to STIG standards, when applicable, and includes the remaining STIG and CIS recommendations that do not map to each other.

CIS has created over 30 different Hardened Images that have been duplicated across the four different cloud platforms. More than 100 different countries use the Images. The most popular Hardened Images in 2019 with over 190 million compute hours were:

  • CIS Red Hat Enterprise Linux 7 Benchmark – Level 1
  • CIS CentOS Linux 7 Benchmark – Level 1
  • CIS Microsoft Windows Server 2016 Benchmark – Level 1
  • CIS Amazon Linux Benchmark – Level 1
  • CIS Ubuntu Linux 16.04 LTS Benchmark – Level 1
  • CIS Amazon Linux 2 Benchmark – Level 1
  • CIS Ubuntu Linux 18.04 LTS Benchmark – Level 1
  • CIS Microsoft Windows Server 2016 Benchmark – Level 1
  • CIS CentOS Linux 7 Benchmark – Level 1
  • CIS Microsoft Windows Server 2016 Benchmark – Level 2

The CIS Red Hat Enterprise Linux 7 Benchmark – Level 1, alone had over 46 million compute hours in 2019, followed by almost 30 million for the CIS CentOS Linux 7 Benchmark – Level 1.

“We expect the number of compute hours to continue to rise in 2020 as more cloud service providers offer CIS Hardened Images,” said Dukes.

CIS Hardened Images help mitigate common threats such as malware, insufficient authorization, and remote intrusion. They are updated every month to address patching and vulnerabilities.

Every CIS Hardened Image includes a CIS-CAT® Pro report showing conformance to the CIS Benchmark, as well as an exception report showing configurations that cannot be applied in the cloud.

For a complete list of CIS Hardened Images by cloud service provider visit:

https://www.cisecurity.org/cis-hardened-images/

About CIS:

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments. We are a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously refine these standards to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. elections offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.

Contact: Autum Pylant, CIS Senior Communications Specialist

media@cisecurity.org