CIS Awards Cimcor with First-Ever Benchmarks Configuration Certification
The CimTrak Integrity Suite is the first software to receive new CIS Configuration Certification for built-in, tested, and certified CIS Benchmarks within a product.
MERRILLVILLE, Ind. and EAST GREENBUSH, N.Y., June 8, 2021 – Cimcor is pleased to announce that it is the recipient of the first-ever Center for Internet Security (CIS®) Benchmarks Configuration Certification. The Center for Internet Security has provided this certification for the CimTrak Integrity Suite running on CIS CenOS Linux 7 Benchmark Level 1 and Level 2.
Providing a comprehensive set of security, auditing, and compliance tools to ensure the integrity of an IT infrastructure, the CimTrak Integrity Suite provides a streamlined way to bring Benchmark security to customers without impacting product, service, or system performance. The CIS Configuration Certified program certifies a product or service's configuration is in conformance with or can run in an environment configured to the CIS Benchmarks™, which are consensus-based, vendor-agnostic, secure configuration guidelines for the most commonly used systems and technologies.
"We believe that systems that have been hardened in accordance to CIS Benchmarks, are the foundation of a secure infrastructure. We are proud to be the first security company to receive CIS Benchmarks Configuration Certification,” said Robert E. Johnson, III, President and CEO of Cimcor, Inc. “This certification validates our commitment to CIS best practices and our commitment to creating world-class security software to deliver integrity, security, and compliance throughout the enterprise."
The new CIS Benchmarks Configuration Certification enables vendors to develop new products with the CIS Benchmarks built-in, tested, and certified at outset. Building this confidence into the products takes the guesswork out of knowing whether or not a CIS Benchmarks-hardened environment will work without impact.
“Cimcor has demonstrated a strong commitment in providing customers with the ability to ensure their assets are secured according to consensus-based best practice standards,” said Curtis Dukes, CIS Executive Vice President and General Manager, Security Best Practices. “Their customers won't have to reconfigure anything because the certification has demonstrated it will work straight out of the box.”
The new Configuration Certification pilot is open to a number of environments and use cases, including:
- Vendor seeking certification to promote their product (software) will run successfully on an environment hardened to CIS Benchmarks
- Vendor product sold configured to CIS Benchmark(s) with assurance that software will run without impact on an environment hardened to CIS Benchmarks
- Product configured to CIS Benchmark for said vendor product/offering (i.e., CIS Hardened Images, infrastructure, stack)
- One or more Benchmark(s) configured within another product/offering (i.e., device ships secure)
- Vendor service providing option to deploy configured environment to CIS Benchmark(s)
Certification is a benefit of CIS SecureSuite Product Vendor Membership, allowing companies eligibility to certify their security product(s) and/or service offering(s).
Cimcor develops innovative, next-generation, compliance, and system integrity monitoring software. The CimTrak Integrity Suite monitors and protects a wide range of physical, network, cloud, and virtual IT assets in real-time while providing detailed forensic information about all changes. CimTrak helps reduce configuration drift and ensure that systems are in a secure and hardened state. Securing your infrastructure with CimTrak helps you get compliant and stay that way. For more information, visit http://www.cimcor.com/cimtrak.
The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments. We are a community-driven nonprofit, responsible for the CIS Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously refine these standards to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial (SLTT) government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the cybersecurity needs of U.S. elections offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.
Jacqueline von Ogden