The following CIS Benchmark updates have been released. We’ve highlighted the major updates below. Each Benchmark includes a full changelog that can be referenced to see all changes made.
CIS AlmaLinux OS 8 Benchmark v1.0.0
Prescriptive guidance for establishing a secure configuration posture for AlmaLinux OS 8 Linux distribution systems running on x86_64 platforms.
Special thanks to Jack Aboutboul and Simon John for their contributions to the initial development of the benchmark and thanks to the CIS AlmaLinux Community for their time and expertise toward this release. Your contributions are invaluable to our consensus process.
Download the AlmaLinux OS 8 Benchmark PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
CIS PostgreSQL 14 Benchmark v1.0.0
Prescriptive guidance for establishing a secure configuration posture for PostgreSQL 14. This guide was tested against PostgreSQL 14 running on RHEL 8, but applies to other Linux distributions as well.
Special thanks to Doug Hunley and Crunchy Data for their significant contributions, and thanks to the CIS PostgreSQL Community who participated in general and ticket-specific discussions.
Download the PostgreSQL 14 PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
CIS MongoDB 5 Benchmark v1.0.0
Prescriptive guidance for establishing a secure configuration posture for MongoDB version(s) 5.x. This guide was tested against MongoDB 5.0.2 running on Ubuntu Linux, Linux Red Hat, and Windows, but applies to other distributions as well.
Download the MongoDB 5 PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
CIS MongoDB 3.6 Benchmark v1.1.0
Prescriptive guidance for establishing a secure configuration posture for MongoDB version 3.6. This guide was tested against MongoDB 3.6 running on Ubuntu Linux and Windows, but applies to other distributions as well.
Thanks to the CIS Mongo DB community for their support, and special thanks to Vinesh Redkar, Pralhad Chaskar, Emad Al-Mousa, and Matthew Reagan
Download the MongoDB 3.6 PDF
CIS SecureSuite Members can visit CIS WorkBench to download other formats and related resources.
Volunteers Needed for CIS Benchmarks
Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We’re looking for contributors for the following technologies:
Google Kubernetes Engine
Google Cloud Computing – Container-Optimized OS Benchmark
IBM AIX
Microsoft Windows
EMS Gateway
Windows Server 2022
Windows 11
Windows 10 21H
Interested in learning more about the CIS Benchmarks development process or how you can get involved? Reach out to us at benchmarkinfo@cisecurity.org. You can also learn more on the CIS Benchmarks Community page.
More Stories
Another Chrome Vulnerability
Google has patched another Chrome zero-day: On Thursday, Google said an anonymous source notified it of the vulnerability. The vulnerability...
UK Insurance and NCSC Join Forces to Fight Ransomware Payments
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses Read More
Black Basta ransomware group’s techniques evolve, as FBI issues new warning in wake of hospital attack
Security agencies in the United States have issued a new warning about the Black Basta ransomware group, in the wake...
How DDR Can Bolster Your Security Posture
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of...
Hackers Use DNS Tunneling to Scan and Track Victims
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities Read More
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated “Royal Tiger” as a malicious robocall threat group Read More