CIS SecureSuite 101: Step-by-Step Guidance to System Hardening

We understand that organizations with limited staff and budget may need more support for implementing cybersecurity best practices. CIS is here to help! This virtual training series, exclusively for our small business and state, local, tribal, and territorial (SLTT) members, will provide step-by-step guidance to get the most out of CIS SecureSuite Membership.

We'll help you learn how to harden systems one step at a time in this four-week course. We'll start with the basics of accessing your Membership resources and take you all the way through deploying configuration settings into your production environment.

Session 1: First Steps and Choosing a System to Harden

We'll get you started with access to our community platform, CIS WorkBench. We will then help you understand which resources should be the target of your initial scans with CIS-CAT Pro Assessor, based on your environment. You'll discover how the CIS Controls can help identify which systems to target for hardening first. You'll learn:

  • How to access CIS WorkBench
  • Where to access CIS Benchmarks in multiple formats
  • Which target system(s) to harden first

Registration closed: this session has passed


Session 2: Run a Scan with CIS-CAT Pro Assessor V4

Start with a baseline scan to understand how your system is configured today. In this session, we'll explain how to assess a target system to see how it conforms to the security recommendations of the CIS Benchmark. You'll learn:

  • How to install and use CIS-CAT Pro Assessor V4
  • Steps for scanning Windows and Cisco devices
  • How to generate an HTML report that has scan findings/actionable intelligence

Registration closed: this session has passed


Session 3: How to Use a CIS-CAT Pro Assessor HTML Report

You've run a scan - now what? A report from CIS-CAT Pro helps you understand how your system is configured today. Learning how to interpret this report will provide you with actionable intelligence for a securely configured system. You'll learn:

  • How to interpret the results of a CIS-CAT Pro scan
  • What your next steps should be for secure configuration

Registration closed: this session has passed


Session 4: Configure Systems with CIS Build Kits

Now that you've identified and scanned a target system, we'll take you through the final step: remediating a system to be configured securely. CIS Build Kits are easily customized to your organization's unique needs and can deploy secure configuration settings at scale. In this final session, you'll learn:

  • Where to go in CIS WorkBench to download the CIS Build Kit for customization
  • How to roll out secure configuration in a production environment

Date:  Tuesday, March 2, 2021 – 11AM EST