Center for Internet Security (CIS)

[ForgottenSeer 95367]

About CIS Benchmarks​

The Center for Internet Security is a nonprofit entity whose mission is to 'identify, develop, validate, promote, and sustain best practice solutions for cyberdefense.' It draws on the expertise of cybersecurity and IT professionals from government, business, and academia from around the world. To develop standards and best practices, including CIS benchmarks, controls, and hardened images, they follow a consensus decision-making model.

CIS benchmarks are configuration baselines and best practices for securely configuring a system. Each of the guidance recommendations references one or more CIS controls that were developed to help organizations improve their cyberdefense capabilities. CIS controls map to many established standards and regulatory frameworks, including the NIST Cybersecurity Framework (CSF) and NIST SP 800-53, the ISO 27000 series of standards, PCI DSS, HIPAA, and others.

Center for Internet Security (CIS) Benchmarks

 

[Victor M]

Yes, the CIS benchmarks are a crucial part of hardening my system. It is long and tedious with many settings to manipulate, but it is worth it.

Usually, the OS itself has plenty of security features, but tucked away in some corner.