CIS Benchmarks are recommended technical settings for operating systems, middleware and software applications, and network devices. CIS Benchmarks are the only consensus-based security configuration guides both developed and accepted by government, business, industry, and academia.
The CIS Controls are a concise, prioritized set of cyber practices created to stop today's most pervasive and dangerous cyber attacks. The CIS Controls are developed, refined, and validated by a community of leading experts from around the world.
Available to CIS SecureSuite Members
In the "downloads" section of the CIS WorkBench (registered account information required), members will find:
- CIS-CAT Pro, a configuration and vulnerability assessment solution consisting of two components: CIS-CAT Pro Assessor and CIS-CAT Pro Dashboard. The tool's components report a target system's conformance with the recommended settings in the CIS Benchmarks, analyzes and monitors the security status of information systems and the effectiveness of internal security controls and processes across an organization.
- CIS Controls Library
- PDF/Word/Excel versions of the CIS Benchmarks
- Automated remediation kits for implementing and assessing CIS Benchmark guidance. These kits allow you to automatically apply the recommended settings for a particular benchmark.
Available Free of Charge for non-commercial use
- 100+ CIS Benchmarks in PDF
- Download Form
- Browse Downloads
- 28 Security Metric Definitions in PDF which can be used to collect and analyze your organization’s security outcomes and process performance.
- CIS Controls
- CIS-CAT Lite, a limited version of CIS-CAT Pro providing assessment for select benchmarks.
- Crosswalk: a mapping of the CIS Benchmarks to two leading security guidelines: the CIS Controls and the Australian Signals Directorate's (ASD) Strategies to Mitigate Targeted Cyber Intrusions. This crosswalk provides a comprehensive and prioritized blueprint of CIS Benchmarks for organizations to leverage with the corresponding security guidelines.
- RSS feed: CIS Benchmarks updates