The following CIS Benchmark updates have been released. We’ve highlighted the major updates below. Each Benchmark includes a full changelog that can be referenced to see all changes made.
CIS AlmaLinux OS 8 Benchmark v1.0.0
Prescriptive guidance for establishing a secure configuration posture for AlmaLinux OS 8 Linux distribution systems running on x86_64 platforms.
Special thanks to Jack Aboutboul and Simon John for their contributions to the initial development of the benchmark and thanks to the CIS AlmaLinux Community for their time and expertise toward this release. Your contributions are invaluable to our consensus process.
Download the AlmaLinux OS 8 Benchmark PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
CIS PostgreSQL 14 Benchmark v1.0.0
Prescriptive guidance for establishing a secure configuration posture for PostgreSQL 14. This guide was tested against PostgreSQL 14 running on RHEL 8, but applies to other Linux distributions as well.
Special thanks to Doug Hunley and Crunchy Data for their significant contributions, and thanks to the CIS PostgreSQL Community who participated in general and ticket-specific discussions.
Download the PostgreSQL 14 PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
CIS MongoDB 5 Benchmark v1.0.0
Prescriptive guidance for establishing a secure configuration posture for MongoDB version(s) 5.x. This guide was tested against MongoDB 5.0.2 running on Ubuntu Linux, Linux Red Hat, and Windows, but applies to other distributions as well.
Download the MongoDB 5 PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
CIS MongoDB 3.6 Benchmark v1.1.0
Prescriptive guidance for establishing a secure configuration posture for MongoDB version 3.6. This guide was tested against MongoDB 3.6 running on Ubuntu Linux and Windows, but applies to other distributions as well.
Thanks to the CIS Mongo DB community for their support, and special thanks to Vinesh Redkar, Pralhad Chaskar, Emad Al-Mousa, and Matthew Reagan
Download the MongoDB 3.6 PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
Volunteers Needed for CIS Benchmarks
Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We’re looking for contributors for the following technologies:
Google Kubernetes Engine
Google Cloud Computing – Container-Optimized OS Benchmark
IBM AIX
Microsoft Windows
EMS Gateway
Windows Server 2022
Windows 11
Windows 10 21H
Interested in learning more about the CIS Benchmarks development process or how you can get involved? Reach out to us at benchmarkinfo@cisecurity.org. You can also learn more on the CIS Benchmarks Community page.
More Stories
Chained Vulnerabilities Exploited in Ivanti Cloud Service Appliances
Threat actors chained Ivanti CSA vulnerabilities for RCE, credential theft & webshell deployment Read More
Bookmakers Ramp Up Efforts to Combat Arbitrage Betting Fraud
Arbitrage betting fraud rises, forcing bookmakers to adopt stricter measures against automated scams Read More
Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024)
Last month, Henry Farrell and I convened the Third Interdisciplinary Workshop on Reimagining Democracy (IWORD 2024) at Johns Hopkins University’s...
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills
Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ Read More
Cisco Fixes Critical Vulnerability in Meeting Management
The network equipment giant urged customers to patch immediately Read More
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing
Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities,...