Hardened Images

CIS offers dozens of hardened images via major cloud computing vendors. CIS Hardened Images are securely configured according to applicable CIS Benchmarks.

To see the full list of CIS Hardened Images, including Amazon Linux, Microsoft Windows Server 2012 R2, CentOS Linux, RHEL, and more, view our list of available platforms.

CIS Benchmarks

Our images are hardened to secure configuration standards that are collaboratively developed and used by thousands worldwide.

Stay Secure

Hardened images help mitigate the common threats of denial of service, insufficient authorization, and overlapping trust boundaries threats.

Reduce Cost

Virtual images are a flexible, on-demand computing solution that saves time and money on hardware purchasing, software licensing, and maintenance.

Virtual Image vs. Hardened Virtual Image

A virtual image is a snapshot of a virtual machine (VM) used to create a running instance in a virtual environment, thus providing the same functionality as a physical computer. Virtual images reside on the cloud and let you cost-effectively perform routine computing operations without investing in local hardware and software.

Hardening is a process of limiting potential weaknesses that make systems vulnerable to cyber attacks. Examples include:

  • Disabling unnecessary ports/services
  • Eliminating unneeded programs and internal root accounts
  • Limiting/denying visitor access

More secure than a standard image, hardened virtual images reduce system vulnerabilities to help protect against denial of service, unauthorized data access, and other cyber threats.

Benefits of CIS Benchmark-hardened Images

CIS offers numerous images hardened to meet the CIS Benchmarks, secure configuration standards that are collaboratively developed by our volunteer consensus community and used by thousands worldwide. CIS Benchmarks are vendor-agnostic and you can be sure all CIS Hardened Images will be securely configured, regardless of the cloud platform you choose.

CIS Hardened Images:

  • Conform to recommended cybersecurity best practices developed and reviewed by experts around the world
  • Can be deployed across networks by administrators
  • Eliminate upfront investments in hardware
  • Are available from cloud providers that allow you to scale your virtual resources (and your security) on-the-fly
  • Include exception reports and CIS-CAT Pro reports showing conformance to applicable CIS Benchmarks

CIS Hardened Images of Windows and Linux OS are available hardened to Level 1 or Level 2 Profiles to meet various security needs.

Where to Find CIS Hardened Images

CIS offers virtual machines on Google Cloud Platform and Amazon Machine Images (AMIs) on Amazon Web Services in the AWS Marketplace, IC region, and GovCloud. Plans are underway to launch hardened images on Microsoft Azure in 2017.

Learn More

Everything You Need to Know About CIS Hardened Images

Visit CIS at These Events

Arrow AWS Automating Security in the Cloud Workshop
August 8-9, 2017 in Seattle, WA
Arrow AWS Automating Security in the Cloud Workshop
September 27-28, 2017 in Austin, TX
Arrow AWS Automating Security in the Cloud Workshop
October 4-5, 2017 in Tampa, FL

CIS Hardened Images

AWS Technology Partner - CIS

Google Cloud Partner - CIS

Arrow Review available platforms


What People are Saying:

"Based on the value, time and costs saving, I would not consider spinning up a AWS server without adding the CIS security to it for any production-level instance."

- V.P. Application Lifecycle Management
CorTechs, Inc.