Introduction

Core Concepts

The CIS Benchmarks represent a set of configuration best practices crafted by security experts. They are designed to help organizations bolster their security posture and create a solid foundation for running workloads on cloud platforms such as AWS and Azure. Additionally, they provide ongoing monitoring to guarantee the continued security of your cloud environment.

The CIS Benchmarks are organized into the following sections:

  1. Identity and Access Management
  2. Storage
  3. Logging
  4. Monitoring
  5. Networking

In the CIS Benchmarks, you'll notice the term "recommendation" used instead of "control" or "requirement." This highlights the voluntary nature of CIS compliance, which is based on best practices rather than being a mandatory, regulated standard. It offers flexibility for organizations to adapt these recommendations according to their specific needs.

Assessment Status

Each recommendation within the CIS Benchmarks is classified as either "Automated" or "Manual." Automated recommendations can be programmatically validated, making them easier to check and enable through APIs. Manual recommendations, on the other hand, require manual validation and remediation.

Profiles

  • Level One Recommendations: Easy implementation with lower overhead, significantly enhancing security for most environments.

  • Level Two Recommendations: Designed for highly sensitive environments with higher security requirements. They may require more effort to implement and manage.

With BOS 3.0, achieving CIS Benchmark compliance is simplified through our pre-configured BOS Templates, ensuring a secure and compliant cloud infrastructure tailored to your specific needs.