The benchmark provides prescriptive guidance for establishing a secure configuration posture for Docker container version 1.12.0. The guide was tested against Docker 1.12.0 on RHEL 7 and Debian 8. Special Thanks to Pravin Goyal, Thomas Sjögren, Rory McCune, Manideep Konakandla and Jesse Hertz.
By Adam Montville
Our mission here at CIS is pretty clear: Lead communities to shepherd security best practices and continuously develop world-class security solutions supporting those practices. I generally like to think of this as working to “make security happen”. In support of this mission we have two important announcements to make today.
First, we have released the first-ever benchmark for your Amazon Web Services accounts, “CIS Amazon Web Services Foundations Benchmark v1.0.0” (here). This benchmark covers the bases for basic AWS services, such as: Identity and Access Management, AWS Config, CloudTrail, CloudWatch, Simple Notification Service, and Simple Storage Service. We have worked with Amazon and other organizations steeped in AWS services and technology to bring this benchmark to release (the folks over at Amazon have some more goodies for you as well - take a look here) using our well-known and respected consensus process. The recommendations embodied in this benchmark are not coming directly from CIS, but from a community of security-conscious, AWS-knowledgeable folks who want to share their work with the rest of the world.
1. CIS Microsoft Office 2013, Access, Excel, Outlook, Power Point and Word Benchmarks Released
The following benchmarks provide prescriptive guidance for establishing a secure configuration posture for Microsoft Office 2013, Access 2013, Excel 2013, Outlook 2013, Power Point 2013 and Word 2013 respectively all running on Windows 7. Each guide was tested against Microsoft Office 2013.
1. Call for Participation – Palo Alto Networks Draft Benchmark Available for Review AND Development underway for IBM DB2 & Google Chrome Benchmarks
Have expertise with Palo Alto Networks, IBM DB2 or Google Chrome? If so, join the benchmark consensus team(s). Your feedback and participation helps ensure that CIS Benchmarks continue to reflect security best practice. All contributors will receive attribution in the associated Benchmark and are eligible to earn CPE credits toward maintaining (ISC)2 certifications.
CIS has released its first security configuration benchmark for Docker 1.6, which makes more than 80 recommendations for configuring and operating Docker in production environments. The benchmark is intended for system and application administrators, security specialists, auditors, help desk, and platform deployment personnel who plan to develop, deploy, assess, or secure solutions that incorporate Docker 1.6 or later technology.
Written by Michelle (Vogeler) Peterson, Director of Member Services, Security Benchmarks Division
Security Benchmarks Community Newsletter - October 2013