×
Why CIS Solutions Join CIS Resources
CIS WorkBench Sign-in CIS WorkBench Sign In CIS Hardened Images CIS Hardened Images Support CIS Support


Why CIS

Who We Are

CIS is an independent, nonprofit organization with a mission to create confidence in the connected world


About Us Leadership Principles Testimonials

Solutions

secure your organization
Secure Your Organization

CIS Controls®

Prioritized & simplified best practices

CIS Controls Community

Help develop and maintain the Controls

CIS RAM

Information security risk assessment method

CIS CSAT

Assess & measure Controls implementation
secure specific platforms
Secure Specific Platforms

CIS Benchmarks

100+ vendor-neutral configuration guides

CIS Benchmarks Community

Develop & update secure configuration guides

CIS-CAT®

Assess system conformance to CIS Benchmarks

CIS Hardened Images®

Virtual images hardened to CIS Benchmarks
cis securesuite CIS SecureSuite®

Start secure and stay secure with integrated cybersecurity tools and resources designed to help you implement CIS Benchmarks and CIS Controls

Learn More      Apply Now  
u s state local tribal and territorial governments
U.S. State, Local, Tribal & Territorial Governments

Memberships
MS-ISAC®

Cybersecurity resource for SLTT Governments

EI-ISAC®

Election-focused cyber defense suite

Services for Members
Albert Network Monitoring®

Cost-effective Intrusion Detection System

Managed Security Services

Security monitoring of enterprises devices

CIS CyberMarket®

Savings on training and software

Malicious Domain Blocking & Reporting

Prevent Connection to harmful web domains

View All CIS Services  
View All Products & Services  

Join CIS

Get Involved

Join CIS as a member, partner, or volunteer - or explore our career opportunities


CIS SecureSuite® Membership Multi-State ISAC (MS-ISAC®) Elections Infrastructure ISAC (EI-ISAC®) CIS CyberMarket® Vendors CIS Communities Careers

Resources

resources
Resources

Blog Advisories Newsletters Press Releases In The News Elections Resources
learn
Learn

White Papers Webinars Case Studies Spotlights Daily Tips
filter by topic
Filter by Topic

CIS Benchmarks CIS Controls® CIS Hardened Images® CIS Services® MS-ISAC® EI-ISAC®
View All Resources  
CIS Logo Show Search Expand Menu
Topic
Type



Blog post
This podcast episode host Tony Sager and guest Brian de Vallance explain that technology is not wizardry and about government and technical experts working together to create universal cybersecurity policy.



Advisory

Multiple vulnerabilities have been discovered in Rockwell Automation ISaGRAF5 Runtime, the most severe of which could allow for remote code execution.




Blog post
The Mirai botnet began by knocking rival Minecraft servers offline. It has since evolved to infect IoT devices worldwide.



Blog post
MDBR prevents systems from connecting to harmful web domains, limiting infections related to malware, ransomware, phishing, and other cyber threats.



Advisory

A vulnerability has been discovered in macOS Big Sur, iOS and iPadOS, which could allow for arbitrary code execution.




Blog post
Begin to implement a Zero Trust strategy using the CIS Controls v8 to improve the security of IT environments as demonstrated over time by reduced attacker dwell time.



Press releases
Malicious Domain Blocking and Reporting available to U.S. public and private hospitals, blocks harmful web domains from accessing hospital IT systems



Blog post
In June 2021, the MS-ISAC observed BitCoin Miner, Mirai, and Ursnif’s return to the Top 10. The Top 10 Malware variants comprise 62% of total malware activity.



Advisory

HP, Xerox and Samsung drivers which could result in local privilege escalation.




Advisory

Multiple vulnerabilities have been discovered in Apple Products, the most severe of which could allow for arbitrary code execution.




Blog post
We hope you'll stop by and see us at the upcoming HIMSS Global Health Conference & Exhibition in Las Vegas! We'll be at Booth C365 at Caesar's.



Advisory

Multiple vulnerabilities have been discovered in Adobe Products, the most severe of which could allow for arbitrary code execution.




Advisory

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution.




Advisory

Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution.




Blog post
Zero trust is an important information security architectural shift and attestation can provide system-level remediation and resiliency.


1 2 3 156
Subscribe Arrow