The Center for Internet SecurityThe Center for Internet Security Site MapContact UsPrivacy Policy
The Center for Internet Security
HomeNewsWhat is CIS?Benchmarks/ToolsOther ResourcesJoin UsTestimonialsFAQ
CIS Members site

Become a Member of CIS - Click here for more info

More than 170 members, from around the wrold! Click here for more info

Get Involved - Click here for more info



CIS certifies commercial software. Click here for more info

CIS licenses resources for commercial use. Click here for more info.

click here to find out about CIS trademarks.

Click here to find out about upcoming conferences and events!

 Benchmarks/Tools
CIS Level 1 & 2 Benchmark for Mac OS X - Click Here to Download Them
- FAQ - The Benchmarks
May 2008:

The Mac OS X 10.5 (Leopard) Benchmark (v1.0) is now available!  
The Download Files Include:
  • CIS_MacOSX_10.5_Benchmark_v1.0.pdf - The Mac OS X 10.5 Leopard Level 1 & 2 Benchmark Version 1.0 document containing detailed instructions for implementing the steps necessary for CIS Level-I & 2 security on Mac OS X 10.5 (Leopard).
  • CIS_OSX_10.4_Benchmark_v2.0.pdf - The Mac OS X Tiger Benchmark Version 2.0 document containing detailed instructions for implementing the steps necessary for CIS Level-I security on Mac OS X 10.4 (Tiger).
    •  
What are the Benchmarks and Scoring Tool?
The Benchmarks are a compilation of security configuration actions and settings that "harden" OS X operating systems. They recommend Level 1 Benchmark guidance for Tiger and Level 1 & 2 Benchmark guidance for Leopard, representing the prudent level of minimum due care for operating system security.

Level 1 Benchmark settings/actions:

  • Can be understood and performed by system administrators with any level of security knowledge and experience;
  • Are unlikely to cause an interruption of service to the operating system or the applications that run on it; and
  • Can be automatically monitored either by CIS Scoring Tools or by CIS Certified tools available from security software vendors.  CLICK HERE for a roster of commercially available
    CIS-certified software tools.  

Level 2 Benchmark settings/actions:

  • Enhance security beyond the minimum due care level, based on specific network architecture and server function; and
  • Contain some security configuration recommendations that affect functionality, and are therefore of greatest value to system administrators who have sufficient security knowledge to apply them with consideration to the functions and applications running in their particular environments.
Share Your Feedback
We value your feedback, which may be used both to update and further define the Mac OS X Leopard and Tiger Benchmarks' security configuration recommendations.  Please direct your technical feedback to:
The CIS Feedback Email Address
Please direct other feedback to:
Bert Miuccio, Vice President
For more information about the CIS consensus process and the benchmarks, go to What are the Benchmarks? and FAQ - The Benchmarks.  
Updates to the Benchmark and Tool
The CIS Benchmarks for Mac OS X 10.5 (Leopard) and 10.4 (Tiger) are updated periodically. Continuous feedback from CIS Members and other users assures that the consensus standard of minimum due care is always reflected in the recommended settings.

Revision histories can be found in the benchmark documents.  One of the benefits of CIS Membership is electronic notification when updates become available. 

Click Here for more information about membership.  If your organization is not a member of the Center, visit this website periodically to assure that you are using the latest version of the Mac OS X Benchmark.

DOWNLOAD the CIS Mac OS X Leopard and Tiger Benchmarks



Logo and Design by Keiler
© 2005, the Center for Internet Security.