Enhanced CIS-CAT Pro Offers Powerful Combination of CIS Benchmarks and CIS Controls Assessment
February 26th, 2017
East Greenbush, NY
New Offerings Part of CIS SecureSuite Membership
CIS, an independent voice in the field of cybersecurity, today announced the addition of several new features that will significantly enhance the functionality of its signature product suite. The updated and enhanced CIS tools include the CIS Benchmarks annotated with CIS Controls, multi-component CIS-CAT Pro, and CIS WorkBench — all of which are available through a CIS SecureSuite Membership. The CIS SecureSuite Membership provides access to a wide range of tools and resources to help public and private entities improve their cybersecurity posture. The CIS Benchmarks annotated with CIS Controls still can be downloaded for free as a PDF.
The CIS Security Benchmarks, together with their popular CIS Configuration Assessment Tool (CIS-CAT), have gained popularity among thousands of global public and private sector organizations. CIS is taking a big step forward by integrating the CIS Controls best practices into the Benchmark standards and CIS-CAT assessment platform. The newly enhanced product is called CIS-CAT Pro. Integrating these two proven cybersecurity resources into a suite of integrated tools provides users the automated means to assess their security environments against a rigorous security framework to better protect their critical systems against cyber attacks.
The CIS Benchmarks annotated with CIS Controls mappings will include all applicable controls and sub-controls for the specific benchmark. This unique combination of CIS Benchmarks and CIS Controls will provide one-of-a-kind guidance for users to establish a solid cybersecurity foundation. In the new release, CIS Controls annotations have been completed for multiple Microsoft® Windows® and Linux benchmarks. More will follow soon and throughout 2017.
CIS-CAT Pro offers other powerful features in its CIS-CAT Pro Assessor and CIS-CAT Pro Dashboard components. With CIS-CAT Pro Assessor, users can assess the configuration of target systems, returning a score between 1 and 100 for CIS Benchmark conformity against 80+ benchmarks (much as the original CIS-CAT did). However, now users can store those CIS-CAT Pro Assessor results in a centralized CIS-CAT Pro Dashboard solution. Within the CIS-CAT Pro Dashboard, users can visualize configuration and vulnerability assessment trends, create and track exceptions to failing results, generate remediation reports, and create a CIS Controls-specific view of configuration assessment results.
Updated Community Site
CIS is also releasing an updated community site named CIS WorkBench, which enables a more efficient CIS Benchmark development capability, and the ability for CIS WorkBench community members to customize CIS Benchmarks to their enterprise-specific needs. CIS WorkBench’s other enhanced features include the ability to provide expanded content coverage in various formats that are easily exportable for members in Adobe® PDF, Microsoft® Word®, and Microsoft® Excel®, as well as XML and OVAL® formats (export capability for XML and OVAL® will expand over the coming months).
“We are immensely grateful to our CIS Benchmarks and CIS Controls communities for their professionalism in helping to make these important new tools a reality,” said Curt Dukes, Executive V.P. & G.M., CIS Security Best Practices & Automation. “These enhanced products and tools were developed in partnership with the CIS Security Best Practices & Automation Group, who dedicated months of planning, programming, and testing to these projects,” he added.
The powerful combination of the CIS Benchmarks with the CIS Controls mappings, CIS-CAT Pro, CIS-CAT Pro Assessor, and CIS-CAT Pro Dashboard are only available through a CIS SecureSuite Membership. (PDF versions of the annotated CIS Benchmarks are always available free to the public.) Interested parties should view the CIS website (https://cisecurity.org) for more information on membership opportunities.
About the Center for Internet Security
The Center for Internet Security (CIS) is a 501(c)(3) organization dedicated to enhancing the cybersecurity readiness and response among public and private sector entities. Utilizing its strong industry and government partnerships, CIS combats evolving cybersecurity challenges on a global scale and helps organizations adopt key best practices to achieve immediate and effective defenses against cyber attacks. CIS is home to the Multi-State Information Sharing & Analysis Center (MS-ISAC), CIS Security Benchmarks, and CIS Critical Security Controls. To learn more, visit CISecurity.org and follow us on Twitter: @CISecurity.