Broad and deep coverage.

The CIS Benchmarks provide broad coverage with secure configurations applicable to technology platforms across your estate. There are 100+ CIS Benchmarks covering more than 14 technology groups. This includes most Microsoft products, Linux variants, cloud environments, mobile devices, database platforms, and network infrastructure devices.

Each CIS Benchmark provides deep coverage of the configuration for its targeted product or system. For example, the latest CIS Benchmark for Microsoft Windows 10 20H2 includes 1,245 pages of guidance addressing over 500 configuration parameters.

The comprehensive coverage of CIS Benchmarks allows organizations to ensure that their systems are configured in accordance with best practices, protected against known threats, and free of settings which are known to insecure.

Expert consensus.

Unlike other security recommendations, the CIS Benchmarks are not derived from a single vendor or security manufacturer’s perspective. They are created through a unique consensus-development process.

Subject matter experts, security professionals, and technologists from around the world contribute to the development of a single CIS Benchmark.

Universal.

The CIS Benchmarks are universally recognized by organizations around the world, and across industries including government, defense, critical infrastructure, healthcare, finance, education, and many more.

The CIS Benchmarks are recognized as secure configuration best practices that can help organizations meet compliance for PCI DSS, HIPAA, FedRAMP, and others.

Rather than aligning your secure configuration practices to a specific industry standard or regulatory framework, alignment to CIS Benchmarks ensures organizations can adapt to emerging compliance requirements.