CIS Benchmarks are complementary standards that provide guidance on secure configuration settings for various software, systems, and platforms. The CIS benchmarks are publicly available, and come in two different levels, 1 and 2. Level 1 provides a basic set of security configurations for the system, whereas level 2 enhances the security posture. Similar to the Department of Defense Security Technical Implementation Guides (STIG). However, the CIS Benchmarks do not describe the risks or provide a risk measurement to assist in determining the impact of not applying the specific configuration.
Additional Detail: CIS Benchmarks aim to help organizations implement security best practices for different technologies.
Applicability: CIS Benchmarks are relevant for organizations seeking secure configuration guidance and best practices.
URL: CIS Benchmarks