CIS Benchmarks October 2024 Update
The following CIS Benchmarks™ and CIS Build Kit have been updated or recently released. We've highlighted the major updates below. Each Benchmark and Build Kit includes a full changelog that references all changes.
CIS Benchmarks Updated Last Month
- CIS Amazon Web Services Foundations Benchmark v4.0.0
- CIS Debian Linux 12 Benchmark v1.1.0
- CIS Google Kubernetes Engine (GKE) Benchmark v1.6.1
- CIS Kubernetes Benchmark v1.10.0
- CIS Microsoft Azure Foundations Benchmark v3.0.0
CIS Amazon Web Services Foundations Benchmark v4.0.0
This update includes significant improvements and enhancements designed to streamline cloud infrastructure management and align with the latest Amazon Web Services (AWS) best practices.
We would like to take a moment to express our gratitude to the entire community for your invaluable contributions during the review process. Your feedback and insights have played a crucial role in shaping this release, ensuring it meets the needs of AWS users across a variety of industries. Thank you for your ongoing support and collaboration!
Download the CIS Amazon Web Services Benchmark in PDF.
CIS SecureSuite® Members can visit CIS WorkBench here to download other formats and related resources.
CIS Debian Linux 12 Benchmark v1.1.0
Some items of note for this update:
- Added 42 sections
- Added 31 recommendations
- Dropped 19 recommendations
- Updated 26 sections
- Updated 202 recommendations
A huge thank you to the 'Nix Team and the Linux community for all their hard work to make this updated Benchmark possible.
Download the CIS Debian Linux Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Google Kubernetes Engine (GKE) Benchmark v1.6.1
This Benchmark addresses bugs that were identified in v1.6.0. Thanks to the community for identifying this issue and facilitating the update.
Download the CIS Kubernetes Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Kubernetes Benchmark v1.10.0
Some items of note for this update:
- Added automated assessment content (AAC) and support for Kubernetes versions 1.30 and 1.31
- Updated audit and remediation procedures for 27 recommendations
- Revised the list of secure/insecure ciphers
- Revised verbiage to support ‘securityContext’ variables
This Benchmark exemplifies the great things a community of users, vendors, and subject matter experts can accomplish through consensus collaboration. The CIS community thanks the entire consensus team. Special recognition goes to Rory McCune, Joe Bowbeer, and Matt Reagan!
Download the CIS Kubernetes Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Microsoft Azure Foundations Benchmark v3.0.0
Some items of note for this update:
- Introduction section added to explain 'Foundations' vs 'Service Category' CSP Benchmark types
- 15 recommendations added
- Procedure syntax updated to Microsoft Graph PowerShell for replacement of deprecated MSOL and Azure AD Graph cmdlets
- Procedure methods now indicate 'Audit from [...]' or 'Remediate from [...]'
- 50+ other changes and updates, including the following: notice added for deprecated or sunsetting products and features, product family navigation updates (Microsoft Defender), as well as added and updated Azure Policy in multiple recommendations
Many thanks to the CIS Microsoft Azure Community for another successful release. Special thanks in this release goes to Rachel Rice, a long-time Cloud Service Provider community editor, who has done a lot of work in this Azure Foundations consensus period to help us wrap in some meaningful systemic changes in a compressed timeframe!
Download the CIS Microsoft Azure Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
New CIS Benchmarks Released Last Month
CIS IBM AIX 7 Benchmark v1.0.0
A huge thank you to the CIS AIX Community for making this Benchmark happen. Special thanks go to Michael Felt, Graham Eames, and Anoop Amourya.
Download the CIS IBM AIX Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Build Kits Created Last Month
CIS Ubuntu Linux 24.04 LTS Benchmark v1.0.0
This CIS Build Kit supports all profiles available in the Benchmark and will remediate the target accordingly. In testing against a default Ubuntu Linux 24.04 installation for the Level 2 Server profile, the CIS Build Kit remediates more than 120 default settings that do not comply with the Benchmark guidance. A follow-up scan by CIS-CAT Pro returns a PASS result over 88%.
Some other items of note for this release:
- Several new scripts added to support updated recommendations
- Existing scripts updated for better execution
Download the CIS Ubuntu Linux Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We're looking for contributors for the following technologies:
If you're interested, please reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.
