Benchmarks PLUS

These reports can be used help identify and mitigate known security vulnerabilities across a wide range of platforms by providing you with clear guidance on how to establish a secure configuration posture across your IT infrastructure.

CIS Benchmark Downloads

This work is licensed under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 International Public License.

Windows Server

Windows Desktop

Windows 10

Linux

CentOS

CIS CentOS Linux 8 Benchmark v1.0.0
CIS CentOS Linux 7 Benchmark v3.0.0
CIS CentOS Linux 7 Benchmark v2.2.0
CIS CentOS Linux 6 Benchmark v2.1.0

Apple OSX

Cisco

IBM

Database Servers

IBM DB2

CIS IBM DB2 10 Benchmark v1.1.0
CIS IBM DB2 9 Benchmark v3.0.1
CIS IBM DB2 Benchmark v1.2.0

MS SQL Server

CIS Microsoft SQL Server 2019 Benchmark v1.1.0
CIS Microsoft SQL Server 2019 Benchmark v1.0.0
CIS Microsoft SQL Server 2017 Benchmark v1.1.0
CIS Microsoft SQL Server 2017 Benchmark v1.0.0
CIS Microsoft SQL Server 2016 Benchmark v1.2.0
CIS Microsoft SQL Server 2016 Benchmark v1.1.0
CIS Microsoft SQL Server 2014 Benchmark v1.5.0
CIS Microsoft SQL Server 2012 Benchmark v1.5.0
CIS Microsoft SQL Server 2008 R2 Benchmark v1.7.0
CIS Microsoft SQL Server 2008 R2 Benchmark v1.6.0

Sharepoint Servers

DNS and Authentication Servers

Email Servers

Office Applications

Office 365

CIS Microsoft Office 365 Foundations Benchmark v1.2.0

CIS Microsoft Office 365 Foundations Benchmark v1.0.0

Other Applications

Virtualization and Container Servers

VMware

CIS VMware ESXi 6.7 Benchmark v1.1.0
CIS VMware ESXi 6.5 Benchmark v1.0.0
CIS VMware ESXi 5.5 Benchmark v1.2.0
CIS VMware ESXi 5.1 Benchmark v1.0.1

Kubernetes

CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.0.1
CIS Google Kubernetes Engine (GKE) Benchmark v1.1.0
CIS Google Kubernetes Engine (GKE) Benchmark v1.0.0
CIS Kubernetes Benchmark v1.6.1
CIS Kubernetes Benchmark v1.6.0
CIS Kubernetes Benchmark v1.5.1
CIS Kubernetes Benchmark v1.5.0
CIS Kubernetes Benchmark v1.4.0
CIS Kubernetes Benchmark v1.2.0
CIS Kubernetes Benchmark v1.1.0

Cloud Providers

Amazon Web Services

CIS Amazon Web Services Foundations Benchmark v1.3.0

CIS Amazon Web Services Foundations Benchmark v1.2.0

CIS Amazon Web Services Three-tier Web Architecture Benchmark v1.0.0

Operational Technology / Industrial Control Systems (ICS/OT)

Mobile Devices

Apple iOS
Google Android

Apple iOS
Google Android

Apple iOS

CIS Apple iOS 13 and iPadOS 13 Benchmark v1.0.0
CIS Apple iOS 12 Benchmark v1.0.0
CIS Apple iOS 11 Benchmark v1.0.0
CIS Apple iOS 10 Benchmark v1.0.0
CIS Apple iOS 9 Benchmark v1.0.0

Hardened Services Lists
What are the recommended hardened services settings for Windows for PCI DSS, NERC-CIP, NIST 800-53 / 800-171 or other compliance standards?

NNT Ransomware Mitigation Kit
The all new NNT Ransomware Mitigation Kit, included free with every Change Tracker Gen7 R2 deployment: Layered protection against the biggest Cybersecurity threats

Request The FREE NNT Ransomware Mitigation Kit

security through system integrity

Recommended Windows Audit Policy settings
Download the GPO template file for direct import and deployment via Active Directory

Windows 10

Windows Server 2012R2

Windows Server 2016

Recommended Linux Audit Policy settings
Download the NNT Audit Policy Wizard file for direct execution on your host, or for mass deployment using Puppet, for example, and automatically configure an auditor-ready audit policy.

Sample PCI DSS Reports

Windows Desktop

Linux Server

Web Server

Cisco

Unix

Sample NIST 800-53 reports

Microsoft Windows Server 2019

Microsoft Windows Server 2012R2

Sample NIST 800-171 reports

Windows Server

Linux Server

VMWARE ESX

Sample DISA STIG Reports

Apple

Windows Desktop

Cisco

Unix

Database Server

Unix

Virtualization and Container Servers

General Purpose Operating Systems

Sample Sarbanes-Oxley SOX Reports

Windows Server

Sample ISO 27K Reports

2012R2

	Windows 2012 and 2012 R2 MS V2R6 Manual STIG
	Windows 2012 R2 Member Server STIG
	Windows 2012 and 2012 R2 MS V2R6 STIG Viewer Export
	NNT Windows 2012R2 MS STIG

	Windows 2008 R2 MS V1R14 STIG Benchmark NNT
	Windows 2008 R2 Member Server STIG
	Windows 2008 R2 MS V1R20 STIG Viewer Export
	NNT Windows Server 2008 R2 Member Server STIG V1R20 Report Output

	RedHat 6 V1R13 STIG Viewer Export
	NNT RHEL 6 STIG V1R13 Report Output

	MS SQL Server 2016 Database STIG
	MS SQL Server 2014 Instance STIG

	Solaris 10 V1R16 STIG Viewer Output
	NNT Solaris 10 V1R16 Report Output

	Microsoft Outlook 2016 STIG
	Microsoft Excel 2016 STIG
	Microsoft PowerPoint 2016 STIG

	Microsoft Internet Explorer 11 STIG
	Google Chrome Current Windows