CIS Benchmarks November 2024 Update

CIS-Benchmarks

The following CIS Benchmarks™ and CIS Build Kits have been updated or recently released. We've highlighted the major updates below. Each Benchmark and Build Kit includes a full changelog that references all changes.

CIS Benchmarks Updated Last Month

CIS Amazon Web Services Foundations Benchmark v4.0.0

Some items of note for this update:

  • Reviewed and revised CIS Critical Security Controls® (CIS Controls®) Safeguard mapping
  • Enhanced CLI steps across multiple recommendations
  • Streamlined workflow for CLI-based recommendations
  • Conducted quality assurance review on updated procedures

We would like to take a moment to express our gratitude to the entire community for your invaluable contributions during the review process. Your feedback and insights have played a crucial role in shaping this release, ensuring it meets the needs of AWS users across a variety of industries. Thank you for your ongoing support and collaboration!

Download the CIS Amazon Web Services Benchmark in PDF.

CIS SecureSuite® Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apple macOS 13.0 Ventura Benchmark v3.0.0

Some items of note for this update:

  • New supplemental section added to give more information on the security of macOS that does not require specific guidance
  • Added missing functionality that was not auditable in previous versions of the Benchmarks
  • Updated all Terminal commands to reflect the shell change from bash to zsh
  • Modified recommendations to reflect community tickets

A huge thanks to the CIS macOS Community for making this happen, with special thanks to Ron Colvin, William Harrison, Bob Gendler, Allen Golbig, Dan Brodjieski, and John Mahlman.

Download the CIS Apple macOS Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apple macOS 14.0 Sonoma Benchmark v2.0.0

Some items of note for this update:

  • New supplemental section added to give more information on the security of macOS that does not require specific guidance
  • Added missing functionality that was not auditable in previous versions of the Benchmarks
  • Updated all Terminal commands to reflect the shell change from bash to zsh
  • Modified recommendations to reflect community tickets

A huge thanks to the CIS macOS Community for making this happen, with special thanks to Ron Colvin, William Harrison, Bob Gendler, Allen Golbig, Dan Brodjieski, and John Mahlman.

Download the CIS Apple macOS Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apple macOS 13.0 Ventura Cloud-tailored Benchmark v1.1.0

Some items of note for this update:

  • Added missing functionality that was not auditable in previous versions of the Benchmarks
  • Removed recommendations that were not needed in a non-local environment
  • Updated all Terminal commands to reflect the shell change from bash to zsh
  • Modified recommendations to reflect community tickets

A huge thanks to the CIS macOS Community for making this happen.

Download the CIS Apple macOS Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Azure Kubernetes Service (AKS) Benchmark v1.6.0

This Benchmark includes support for Kubernetes clusters built on Kubernetes v1.28, v1.29, and v1.30. Some items of note for this update:

  • Over 30 recommendations have been added or enhanced
  • The AAC has been improved
  • The Benchmark and recommendations have been updated to support Kubernetes v1.30

A huge thank you to the CIS Kubernetes Community for making this happen, with special thanks to Rory McCune and Mark Larinde for their dedication to making this Benchmark the best it can be.

Download the CIS Kubernetes Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS MongoDB 6 Benchmark v1.2.0

This Benchmark includes support for MongoDB 6 along with updated recommendations and AAC.

A huge thanks to the CIS MongoDB Community for making this Benchmark a reality.

Download the CIS MongoDB Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS MongoDB 7 Benchmark v1.1.0

This Benchmark includes support for MongoDB 7 along with updated recommendations and AAC.

A huge thanks to the CIS MongoDB Community for making this Benchmark a reality.

Download the CIS MongoDB Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Oracle Cloud Infrastructure for Kubernetes (OKE) Benchmark v1.6.0

This Benchmark includes support for Kubernetes clusters built on Kubernetes v1.28, v1.29, and v1.30. Some items of note for this update:

  • Over 30 recommendations have been added or enhanced
  • The AAC has been improved
  • The Benchmark and recommendations have been updated to support Kubernetes v1.30

A huge thank you to the CIS Kubernetes Community for making this happen, with a special thanks to Mark Larinde for his dedication to making this Benchmark the best it can be.

Download the CIS Kubernetes Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS SUSE Linux Enterprise 12 Benchmark v3.2.0

Some items of note for this update:

  • Added one section and 19 recommendations
  • Dropped one section and 19 recommendations
  • Updated 15 sections and 119 recommendations

A huge thank you to the 'Nix Team and the Linux community for all their hard work to make this updated Benchmark possible.

Download the CIS SUSE Linux Enterprise Server Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

New CIS Benchmarks Released Last Month

CIS Apple iOS 18 Benchmark v1.0.0

Some items of note for this new release:

  • Updated guidance for Apple's new mobile iOS platform
  • Added guidance around features of the new OS

A huge thank you to the CIS Apple iOS Community for making this Benchmark happen, with special thanks to Pierluigi Falcone and Ron Colvin.

Download the CIS Apple iOS Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apple iPadOS 18 Benchmark v1.0.0

Some items of note for this new release:

  • Updated guidance for Apple's new mobile iOS platform
  • Added guidance around features of the new OS

A huge thank you to the CIS Apple iOS Community for making this Benchmark happen, with special thanks to Pierluigi Falcone and Ron Colvin.

Download the CIS Apple iOS Benchmark in PDF. 

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Apple macOS 15.0 Sequoia Benchmark v1.0.0

Some items of note for this new release:

  • Updated guidance for Apple's newest operating system and added new recommendations based on new functionality in macOS 15.0
  • New supplemental section added to give more information on the security of macOS that does not require specific guidance
  • Added missing functionality that was not auditable in previous versions of the Benchmarks

Special thanks go to Ron Colvin, William Harrison, Bob Gendler, Allen Golbig, Dan Brodjieski, and Isaac Ordonez.

Download the CIS Apple macOS Benchmark in PDF.

CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.

CIS Build Kits Created Last Month


 

Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today!

If you're interested, please reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.