Download CIS Benchmarks Free of Charge
The Security Configuration Benchmarks are distributed free of charge to propagate their worldwide use and adoption as user-originated, de facto standards.
The CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.
The Benchmarks are:
- Recommended technical control rules/values for hardening operating systems, middleware and software applications, and network devices;
- Unique, because the recommendations are defined via consensus among hundreds of security professionals worldwide;
- Downloaded several hundred thousand times per year;
- Distributed free of charge by CIS in .PDF format (many benchmarks are also available to CIS Members in XCCDF, a machine-readable XML format for use with benchmark audit tools and Members' custom scripts);
- Used by thousands of enterprises as the basis for security configuration policies and the de facto standard for IT configuration best practices.