Enhanced Security and Achieving Compliance

CIS Hardened Images® are configured according to CIS Benchmarks recommendations, which are developed through consensus by a global community of cybersecurity experts. These recommendations are recognized as a secure configuration standard by the DoD Cloud Computing Security Recommendation Guide (SRG), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Security Management Act (FISMA), Federal Risk and Authorization Management Program (FedRAMP), and the National Institute of Standards and Technology (NIST). This recognition also applies to CIS Hardened Images, as their configuration is based on the CIS Benchmarks.

For organizations and industries that want to achieve compliance with Defense Information Systems Agency Security Technical Implementation Guide (DISA STIG) standards, CIS® offers several CIS Benchmarks mapped to STIG standards. These CIS STIG Benchmarks note any DISA STIG recommendations that they do not include. CIS also offers CIS STIG Hardened Images based on these guidelines.

Please see our full article on CIS Hardened Image Security Assurance for additional details on how CIS ensures the integrity of our images delivered to AWS, Azure, Google Cloud, and Oracle Cloud.