CIS Benchmark Hardening/Vulnerability Checklists

The Center for Internet Security is the primary recognized industry-standard for secure configuration guidance, developing comprehensive, consensus-derived checklists to help identify and mitigate known security vulnerabilities across a wide range of platforms.

Each CIS Benchmark provides prescriptive guidance for establishing a secure configuration posture for your IT Infrastructure, including a detailed description and rationale of potential vulnerabilities together with clear auditing and remediation steps. As such, the CIS Benchmarks are the overwhelming option of choice for auditors worldwide when advising organizations on the adoption of a secure build standard for any governance and security initiative, including PCI DSS, HIPAA, NIST 800-53, SOX, FISMA, ISO/IEC 27002, Graham Leech Bliley and ITIL.

Additional Info

As part of the CIS community, NNT has access to consensus security configuration benchmarks, software, metrics, and discussion forums where NNT is an integral stakeholder in collaborating on security best practices. NNT has leveraged these resources and best practices in our products to measure and improve the security posture of our customers. As of May 2014, NNT Change Tracker has been awarded CIS Security Software Certification for CIS Security Benchmarks across all Linux and Windows platforms, Unix and Database Systems, Applications and Web Servers - see section below for CIS Benchmark Downloads

Note: NNT is also an Official OVAL Adopter and can equally utilize any 3rd party source of SCAP, OVAL or XCCDF content, for example DISA STIG checklists.

CIS Benchmark Report Downloads

CIS benchmark logo

As one of a handful of CIS Certified Vendors, NNT has a broad range of CIS Benchmark reports which can be used to audit enterprise networks and then monitor continuously for any drift from your hardened build standard, to ensure systems stay within compliance 24/7.

This work is licensed under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 International Public License.

Windows Server

Windows Desktop

Windows 10

Linux

CentOS

CIS CentOS Linux 8 Benchmark v1.0.0
CIS CentOS Linux 7 Benchmark v3.0.0
CIS CentOS Linux 7 Benchmark v2.2.0
CIS CentOS Linux 6 Benchmark v2.1.0

Apple OSX

IBM

Network Infrastructure

Database Servers

IBM DB2

CIS IBM DB2 10 Benchmark v1.1.0
CIS IBM DB2 9 Benchmark v3.0.1
CIS IBM DB2 Benchmark v1.2.0

MS SQL Server

CIS Microsoft SQL Server 2019 Benchmark v1.1.0
CIS Microsoft SQL Server 2019 Benchmark v1.0.0
CIS Microsoft SQL Server 2017 Benchmark v1.1.0
CIS Microsoft SQL Server 2017 Benchmark v1.0.0
CIS Microsoft SQL Server 2016 Benchmark v1.2.0
CIS Microsoft SQL Server 2016 Benchmark v1.1.0
CIS Microsoft SQL Server 2014 Benchmark v1.5.0
CIS Microsoft SQL Server 2012 Benchmark v1.5.0
CIS Microsoft SQL Server 2008 R2 Benchmark v1.7.0
CIS Microsoft SQL Server 2008 R2 Benchmark v1.6.0

Sharepoint Servers

DNS and Authentication Servers

Email Servers

Office Applications

Office 365

CIS Microsoft Office 365 Foundations Benchmark v1.2.0

CIS Microsoft Office 365 Foundations Benchmark v1.0.0

Other Applications

Virtualization and Container Servers

VMware

CIS VMware ESXi 6.7 Benchmark v1.1.0
CIS VMware ESXi 6.5 Benchmark v1.0.0
CIS VMware ESXi 5.5 Benchmark v1.2.0
CIS VMware ESXi 5.1 Benchmark v1.0.1

Kubernetes

CIS Amazon Elastic Kubernetes Service (EKS) Benchmark v1.0.1
CIS Google Kubernetes Engine (GKE) Benchmark v1.1.0
CIS Google Kubernetes Engine (GKE) Benchmark v1.0.0
CIS Kubernetes Benchmark v1.6.1
CIS Kubernetes Benchmark v1.6.0
CIS Kubernetes Benchmark v1.5.1
CIS Kubernetes Benchmark v1.5.0
CIS Kubernetes Benchmark v1.4.0
CIS Kubernetes Benchmark v1.2.0
CIS Kubernetes Benchmark v1.1.0
CIS Oracle Cloud Infrastructure Container Engine for Kubernetes(OKE) Benchmark v1.0

Operational Technology / Industrial Control Systems (ICS/OT)

Mobile Devices

Apple iOS
Google Android

Apple iOS
Google Android

Apple iOS

CIS Apple iOS 14 and iPadOS 14 Benchmark v1.0.0
CIS Apple iOS 13 and iPadOS 13 Benchmark v1.0.0
CIS Apple iOS 12 Benchmark v1.0.0
CIS Apple iOS 11 Benchmark v1.0.0
CIS Apple iOS 10 Benchmark v1.0.0
CIS Apple iOS 9 Benchmark v1.0.0

Download By Solution

PCI DSS Requirements

Sample PCI DSS reports

Windows Desktop

Linux Server

Web Server

Cisco

Unix

Find out more about NNT's PCI DSS compliance solutions »

NIST 800-53

NIST 800-171

Sample NIST 800-171 reports

Windows Server

	NNT NIST 800-171 Microsoft Windows Server 2016 Benchmark IP232 WIN2016
	NNT NIST 800-171 Microsoft Windows Server 2012-R2 Benchmark IP227 WIN2012R2
	NNT NIST 800-171 Microsoft Windows Server 2012 Benchmark IP230 WIN2012
	NNT NIST 800-171 Microsoft Windows Server 2008-R2 Benchmark IP225 WIN2008R2
	NNT NIST 800-171 Microsoft Windows Server 2008 Benchmark IP224 WIN2008

Find out more about NNT's NIST 800-171 compliance solutions »

DISA STIGs

DISA STIG Reports

Solaris

Red Hat

Find out more about NNT's DISA STIG compliance solutions »

SOX Sarbanes Oxley 404

ISO 27K

CIS Releases New Resources to Further Reduce Cyber Security Risk to Healthcare Systems

New resources for healthcare systems

These consensus-based security recommendations may help medical device manufacturers and healthcare providers assess and mitigate cyber vulnerabilities. These mappings provide a detailed matrix aligning security configuration recommendations provided in the CIS Microsoft Windows 7 Benchmark v2.1.0 and Windows XP Benchmark v3.1.0 to the Security Capabilities included in a Technical Report (IEC/TR 80001-2-2) within International Electrotechnical Commission (IEC) 80001-1, a global standard for performing risk management of IT networks that include medical devices. NNT Change Tracker now delivers a fully automated assessment against these checklists and performs continuous compliance monitoring with real-time breach detection to maintain 24/7 security.

	CIS Microsoft Windows 7 Benchmark v2.1.0 Mapped to IEC 80001-1 15-Oct-2014
	CIS Microsoft Windows XP Benchmark v3.1.0 Mapped to IEC 80001-1 15-Oct-2014

CIS Controls

Download the CIS Controls Solution Briefing

This work is licensed under a Creative Commons Attribution-Non Commercial-No Derivatives 4.0 International Public License.

Next Steps

Are you ready to get started in securing your IT environment with
industry-approved foundational controls, intelligent change control and automation?

	Windows 2012 and 2012 R2 MS V2R6 Manual STIG
	Windows Server 2012 R2 Member Server Security Technical Implementation Guide
	Windows 2012 and 2012 R2 MS V2R6 STIG Viewer Export
	NNT Windows Server 2008 R2 Member Server STIG V1R20 Report Output
	NNT Windows Server 2012R2 Member Server Security Technical Implementation Guide

	Windows 2008 R2 MS V1R14 STIG Benchmark NNT
	Windows Server 2008 R2 Member Server Security Technical Implementation Guide
	Windows 2008 R2 MS V1R20 STIG Viewer Export
	NNT Windows Server 2008 R2 Member Server STIG V1R20 Report Output

	Sample Full Report NNT NIST 800-53 Microsoft Windows Server 2012 R2 Benchmark GEN7
	Sample Summary NNT NIST 800-53 Microsoft Windows Server 2012 R2Benchmark

	NNT NIST 800-171 Oracle Linux 7 Server IP223 OracleLinux7
	NNT NIST 800-171 Oracle Linux 6 Server IP222 OracleLinux6

	Solaris 10 V1R16 STIG Viewer Output
	NNT Solaris 10 V1R16 Report Output

	RedHat 6 V1R13 STIG Viewer Export
	NNT RHEL 6 STIG V1R13 Report Output