CIS Security Benchmarks Community Newsletter - August 2016

CIS Docker 1.12.0 Benchmark Released

The benchmark provides prescriptive guidance for establishing a secure configuration posture for Docker container version 1.12.0. The guide was tested against Docker 1.12.0 on RHEL 7 and Debian 8. Special Thanks to Pravin Goyal, Thomas Sjögren, Rory McCune, Manideep Konakandla and Jesse Hertz.

This entry was posted in Benchmarks Community Updates, benchmarks on August 18, 2016 by Kimberly K

Making Security Happen

By Adam Montville

Our mission here at CIS is pretty clear: Lead communities to shepherd security best practices and continuously develop world-class security solutions supporting those practices. I generally like to think of this as working to “make security happen”. In support of this mission we have two important announcements to make today.

First, we have released the first-ever benchmark for your Amazon Web Services accounts, “CIS Amazon Web Services Foundations Benchmark v1.0.0” (here). This benchmark covers the bases for basic AWS services, such as: Identity and Access Management, AWS Config, CloudTrail, CloudWatch, Simple Notification Service, and Simple Storage Service. We have worked with Amazon and other organizations steeped in AWS services and technology to bring this benchmark to release (the folks over at Amazon have some more goodies for you as well - take a look here) using our well-known and respected consensus process. The recommendations embodied in this benchmark are not coming directly from CIS, but from a community of security-conscious, AWS-knowledgeable folks who want to share their work with the rest of the world.

CIS Community Newsletter

1. CIS Microsoft Office 2013, Access, Excel, Outlook, Power Point and Word Benchmarks Released

The following benchmarks provide prescriptive guidance for establishing a secure configuration posture for Microsoft Office 2013, Access 2013, Excel 2013, Outlook 2013, Power Point 2013 and Word 2013 respectively all running on Windows 7. Each guide was tested against Microsoft Office 2013.

CIS Community Newsletter – August 10, 2015

1. Call for Participation – Palo Alto Networks Draft Benchmark Available for Review AND Development underway for IBM DB2 & Google Chrome Benchmarks
Have expertise with Palo Alto Networks, IBM DB2 or Google Chrome? If so, join the benchmark consensus team(s). Your feedback and participation helps ensure that CIS Benchmarks continue to reflect security best practice. All contributors will receive attribution in the associated Benchmark and are eligible to earn CPE credits toward maintaining (ISC)2 certifications.

Announcing CIS Docker 1.6 Benchmark v1.0.0

CIS has released its first security configuration benchmark for Docker 1.6, which makes more than 80 recommendations for configuring and operating Docker in production environments.   The benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Docker 1.6 or later technology.

This entry was posted in Threats & Vulnerabilities, benchmarks, Cyber security, Docker on May 11, 2015 by Amanda B

Security Benchmarks Community Newsletter

Written by Michelle (Vogeler) Peterson, Director of Member Services, Security Benchmarks Division

This entry was posted in Benchmarks Community Updates, benchmarks, community updates, windows 7 on December 10, 2013 by Chad R

Security Benchmarks Community Newsletter

Security Benchmarks Community Newsletter - October 2013

This entry was posted in Benchmarks Community Updates, member services, benchmarks, community updates on October 15, 2013 by kwolfner