CIS Hardened Images on Amazon Web Services (AWS) Marketplace
CIS Hardened Images provide security beyond what's offered in base virtual machine (VM) images. They are pre-configured to the security recommendations of the CIS Benchmarks, which are trusted configuration guidelines developed by a global community of IT experts. CIS Hardened Images are available on AWS Marketplace including the AWS GovCloud (US) region. They're also available on AWS for the Intelligence Community (AIC).
Get started with CIS Hardened Images on AWS Marketplace
AlmaLinux OS
Amazon Linux
Level 2
Level 1
Apple macOS
Debian Linux
Microsoft Windows Server
Level 1
Level 2
Oracle Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu Linux
Level 1
AlmaLinux OS
Amazon Linux
Level 2
Level 1
Apple macOS
Debian Linux
Microsoft Windows Server
Level 1
Level 2
Oracle Linux
Rocky Linux
SUSE Linux Enterprise Server
Ubuntu Linux
Level 1
CIS AWS Foundations Benchmark
AWS directly contributes to the CIS community consensus process that created the CIS AWS Foundations Benchmark. The purpose of this CIS Benchmark is to provide prescriptive guidance for your AWS account. It provides configuration recommendations for identity and access management, monitoring and logging, and networking.
Explore CIS AWS Foundations Benchmark
Making Cloud Security Automation Easier
EC2 Image Builder is an AWS service that simplifies the process of building a golden image. To help you automate your cloud security efforts, we're working with EC2 Image Builder to help you build secure golden images off of our CIS Hardened Images.
Level 1 hardening components are available in EC2 Image Builder for the following operating systems:
- Red Hat 7
- Amazon Linux 2
- Microsoft Windows Server 2019
- Microsoft Windows Server 2022
Learn how this helps you automate your cloud security efforts.
Meet your Shared Responsibility on AWS with CIS
Depending on what your organization’s cloud infrastructure looks like, the responsibility of security actions varies between the cloud user and Amazon Web Services. The AWS Shared Responsibility Model outlines what security actions an organization is responsible for and what security actions AWS manages. CIS offers globally-recognized cybersecurity resources, like the CIS Hardened Images, that can help cloud consumers meet the expectations of the shared responsibility model.
Learn more in our guide:
Cloud Security and the AWS Shared Responsibility Model with CIS
Security Automation and Orchestration (SAO)
CIS Benchmarks and CIS Hardened Images are part of the AWS SAO methodology. AWS SAO enables AWS customers to constrain, track, and publish continuous risk treatments, configurations, and assimilate DevOps routines into a “Type Accredited” secure AWS architecture. This architecture is configured to converge common security frameworks (e.g. FedRAMP, DoD CC SRG, PCI-DSS, IRS 1075, etc.) through the use of security as code practices.
Get Started with CIS Hardened Images on AWS Marketplace
Learn About CIS Hardened ImagesHardened Images FAQsCIS Benchmarks FAQsGet Started with CIS Hardened Images on AWS Marketplace
Learn About CIS Hardened ImagesHardened Images FAQsCIS Benchmarks FAQsFrom our members
Learn how organizations and IT experts are harnessing the power of CIS Hardened Images on AWS Marketplace to start secure and stay secure.
CIS Hardened Images Free Trials Available in AWS Marketplace
Does your organization spend countless resources hardening operating systems in the Cloud? If so, it doesn't have to be this way! You can save yourself time and money by deploying a CIS Hardened Image.