CIS Benchmarks September 2023
The following CIS Benchmarks have been released or updated. We've highlighted the major updates below. Each Benchmark includes a full changelog that can be referenced to see all changes made.
CIS Benchmarks Updated in August
- CIS Apache Cassandra 3.11 Benchmark v1.1.0
- CIS Apache Tomcat 10 Benchmark v1.1.0
- CIS Microsoft SQL Server 2016 Benchmark v1.4.0
- CIS Microsoft SQL Server 2017 Benchmark v1.3.0
- CIS Ubuntu Linux 20.04 LTS STIG Benchmark v2.0.0
CIS Apache Cassandra 3.11 Benchmark v1.1.0
Here are some highlights of the work that was done:
- Added support for the latest release of Cassandra v3.11
- Improved search and query performance of various audit methods
- Updated remediations of various recommendations
A huge thank you to the CIS Apache Cassandra Community for making this Benchmark happen. Special thanks go to Joseph Testa and Aaron De Los Reyes.
Download the CIS Apache Cassandra Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Apache Tomcat 10 Benchmark v1.1.0
Here's an overview of the work we did to update this Benchmark:
- Added guidance and recommendations to specifically address the Tomcat 10 version
- Added and improved automated assessment content
- Refined and improved Controls v8 recommendation mapping
A huge thank you to the CIS Apache Tomcat Community for making this Benchmark happen. Special thanks go to Matthew Reagan, James Scott, Joern Krueger, and Aaron De Los Reyes.
Download the CIS Apache Tomcat Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
Final Updates to Two CIS Microsoft SQL Server Benchmarks
We are pleased to announce the release of CIS Benchmarks for CIS Microsoft SQL Server 2017 Benchmark v1.3.0 and CIS Microsoft SQL Server 2016 Benchmark v1.4.0. This marks the final update for these Benchmarks. Highlights include:
- Added three new Level 2 – Database Engine recommendations in the Encryption section
- Added two new audit actions for SQL Server Audit recommendation 5.4
- Updated T-SQL and Artifact for recommendation 2.11 and resolved automation for CIS-CAT assessment to run without errors
- Controls v8 mapping
- Updated T-SQL scripts and excluded "use master" when it is not needed
- Updated References links
A huge thank you to the CIS Microsoft SQL Server Community for making this happen. Special thanks go to Steinar Andersen, Rob Kraft, and Sean McCown.
Download the CIS Microsoft SQL Server Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here and here to download other formats and related resources.
CIS Ubuntu Linux 20.04 LTS STIG Benchmark v2.0.0
Here's a look at what we did to update this Benchmark:
- Dropped 98 recommendations
- Added 117 recommendations
- Updated 247 recommendations
- Updated content to the latest STIG release
Download the CIS Ubuntu Linux Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
New CIS Benchmarks Released in August
- CIS Apache Cassandra 4.0 Benchmark v1.0.0
- CIS Apple iOS and iPadOS 16 Intune Benchmark v1.0.0
- CIS Debian 11 Linux STIG Benchmark v1.0.0
CIS Apache Cassandra 4.0 Benchmark v1.0.0
Here's an overview of what we did to create this new Benchmark:
-
Support for the new technology version Apache Cassandra v4.0
A huge thank you to the CIS Apache Cassandra Community for making this Benchmark happen. Special thanks go to Joseph Testa and Aaron De Los Reyes.
Download the CIS Apache Cassandra Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Apple iOS and iPadOS 16 Intune Benchmark v1.0.0
This Benchmark reflects the existing CIS Apple iOS and iPadOS Intune Benchmark v1.1.0 within the Intune MDM framework. Here's a quick look at the work we did to produce this Benchmark:
- First iOS and iPadOS Benchmark configured to a specific MDM platform
- Set each recommendation within the Intune interface
- Created new recommendations that feature-match with the existing iOS Benchmarks
A huge thanks to the CIS iOS Community for making this happen. Special thanks go to Lewis Hardy for authoring this Benchmark!
Download the CIS Apple iOS Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
CIS Debian 11 Linux STIG Benchmark v1.0.0
We created this new Benchmark based on the Ubuntu 20.04 STIG.
Download the CIS Debian Linux Benchmark in PDF.
CIS SecureSuite Members can visit CIS WorkBench here to download other formats and related resources.
Additional CIS Benchmarks Announcements
Are you interested in providing feedback to the Benchmarks Product Team about the prioritization of the Benchmarks recommendations and/or how the Level 1 and Level 2 recommendations are categorized? We’d love to hear from you! Contact [email protected].
Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We're looking for contributors for the following technologies:
- Amazon Aurora: Reach out to [email protected]
- Apache Cassandra
- Check Point Firewall
- Cisco (preferred focus on NX-OS, ACI, ASA, iOS, Meraki, Firepower)
- Google Android
- F5 Networks
- Juniper Networks (preferred focus on Junos OS)
- Microsoft SQL Server
- Palo Alto Networks
- PostgreSQL
- VMware (preferred with EXSi expertise)
If you're interested, please reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.
