Utilizing and Customizing CIS Hardened Images^®

CIS Hardened Images can be used almost in the same manner as any cloud-based or physical machine. Unless packages or installations don’t align with the CIS Benchmark recommendations, the Center for Internet Security, Inc. (CIS^®) does not remove or insert any additional packages or tools during the hardening process. CIS Hardened Images can be modified or tailored to meet your security and functionality needs, as there may be recommendations that your organization needs to exempt itself from, or modify, due to unique operational requirements.

Following the purchase of a CIS Hardened Image, the image is now owned by and the sole responsibility of the end user. CIS will no longer access the image in any way; the maintenance of the image’s security and configuration is now the responsibility of the end user. Whether you would like to apply the most recent hardening and patching by migrating to a new image or maintain the Benchmark hardening and security patching yourself, you can review our information on Hardened Image general update and upgrade questions.

If a package or tool is not present, it is the end user's responsibility to add or install it. End users can install tools, packages, and anything else that doesn't conflict with the image's hardening. Should you have issues with modifying your CIS Hardened Image please refer to our Hardened Image Trouble Knowledge Base article

All CIS Hardened Images contain out-of-the-box configuration reports as well as a CIS-CAT^® Pro assessment report which enables you to see how closely the image conforms to the corresponding CIS Benchmark. You can download the Benchmark PDF for free on our website here: CIS Benchmarks^®. This allows you to make an informed decision about securing your operating systems in the cloud. Please see here for details on accessing those reports and here for additional details regarding why a Hardened Image may not get a 100% score in a CIS-CAT Pro Assessor Assessment report.