CIS offers dozens of hardened images via major cloud computing vendors including Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure. CIS Hardened Images are securely configured according to applicable CIS Benchmarks.
To see the full list of CIS Hardened Images, including Amazon Linux, Microsoft Windows Server 2012 R2, CentOS Linux, RHEL, and more, view our list of available platforms.
Our images are hardened to secure configuration standards that are collaboratively developed and used by thousands worldwide.
Hardened images help mitigate the common threats of denial of service, insufficient authorization, and overlapping trust boundaries threats.
Virtual images are a flexible, on-demand computing solution that saves time and money on hardware purchasing, software licensing, and maintenance.
Virtual Image vs. Hardened Virtual Image
A virtual image is a snapshot of a virtual machine (VM) used to create a running instance in a virtual environment, thus providing the same functionality as a physical computer. Virtual images reside on the cloud and let you cost-effectively perform routine computing operations without investing in local hardware and software.
Hardening is a process of limiting potential weaknesses that make systems vulnerable to cyber attacks. Examples include:
- Disabling unnecessary ports/services
- Eliminating unneeded programs and internal root accounts
- Limiting/denying visitor access
More secure than a standard image, hardened virtual images reduce system vulnerabilities to help protect against denial of service, unauthorized data access, and other cyber threats.
Benefits of CIS Benchmark-hardened Images
CIS offers numerous images hardened to meet the CIS Benchmarks, secure configuration standards that are collaboratively developed by our volunteer consensus community and used by thousands worldwide. CIS Benchmarks are vendor-agnostic and you can be sure all CIS Hardened Images will be securely configured, regardless of the cloud platform you choose.
CIS Hardened Images:
- Conform to recommended cybersecurity best practices developed and reviewed by experts around the world
- Can be deployed across networks by administrators
- Eliminate upfront investments in hardware
- Are available from cloud providers that allow you to scale your virtual resources (and your security) on-the-fly
- Include exception reports and CIS-CAT Pro reports showing conformance to applicable CIS Benchmarks
CIS Hardened Images of Windows and Linux OS are available hardened to Level 1 or Level 2 Profiles to meet various security needs.
Where to Find CIS Hardened Images
CIS offers virtual machines on the Microsoft Azure Marketplace and Google Cloud Platform (GCP), and Amazon Machine Images (AMIs) on Amazon Web Services in the AWS Marketplace, IC region, and GovCloud.
Visit CIS at These Events
| ISC2 Congress
October 6-10 in New Orleans, LA
| AWS SAO Workshop - DFARS Focus
October 30 in Ballston, VA
| AWS SAO Workshop - FedRAMP/DoD Focus
November 6 in Ballston, VA
| re:Connect at AWS re:Invent
November 26 in Las Vegas, NV