Center for Internet Security, Inc. (CIS) Solutions for the Public Sector
For more information on these products, please view the resources in the tab above.
-
CIS Hardened Images®
- Securely pre-configured virtual
machine images hardened according to the globally recognized secure
configuration guidelines of the CIS Benchmarks. They provide a secure,
on-demand and scalable computing environment.
- More secure than a standard
image, CIS Hardened Images reduce system vulnerabilities and offer
security to help protect against malware, remote intrusion, insufficient
authorization, and other cyber threats.
- Each CIS Hardened Image includes
a report showing conformance to the applicable CIS Benchmarks, which are
recognized as secure configuration standards by PCI DSS, HIPAA, FedRAMP,
NIST, and DoD STIGs.
- Offered for nine different
virtual machine versions of Linux: Amazon, CentOS, Debian, Oracle, Red
Hat, SUSE, Ubuntu, NGINX, and PostgreSQL - as well as Microsoft Windows
Server.
- Available to spin up immediately
from Amazon Web Services (AWS Marketplace, AWS GovCloud (US) region, and
AWS for the Intelligence Community [IC]), Microsoft Azure (Azure
Marketplace and Azure Government Marketplace), Google Cloud Platform, and
Oracle Cloud.
-
Albert Network Monitoring and Management
- Cost-effective Intrusion
Detection System (IDS) providing automated alerting on both traditional
and advanced network threats
- In-depth review of alerts conducted
by expert analysts through CIS’s 24x7x365 Security Operations Center (SOC)
- Consolidated, actionable insights
and monthly reporting from expert analysts with industry-leading response
times - averaging 6 minutes from threat detection to notification
- Unique SLTT-focused and targeted
signature set
- Turnkey solution incorporating
24x7x365 monitoring and management
- Available for both on-premises
and cloud environments (AWS and Azure)
-
CIS Endpoint Security Services (ESS)
- Fully managed, premium endpoint security solution as a service that includes:
- Next Generation Antivirus (NGAV)
- Endpoint Detection and Response (EDR)
- Asset and application inventory
- USB device monitoring
- User account monitoring
- Host-based firewall management
- Device-level protection and response powered by CrowdStrike with value-added support and service from CIS
- Deployed on endpoint devices to identify, detect, respond to, and remediate security incidents and alerts
- 24x7x365 monitoring and management by CIS Security Operations Center (SOC), providing expert human analysis of malicious activity and escalating actionable threats
- Incident response and remote digital forensics support provided by CIS Cyber Incident Response Team (CIRT)
-
Managed Security Services
- Cost-effective log and security event monitoring of devices for malicious or anomalous activity including, but not limited to, IDS/IPS, firewalls, switches and routers, servers, endpoints, and web proxies
- Event analysis performed by expert human analysts in the 24x7x365 CIS SOC using the largest cyber threat database specifically for SLTTs
- Analysts eliminate false positives, escalate actionable items to organizations, provide support regarding alerts or notifications received, and deliver comprehensive monthly activity reports
- Users gain visibility into security events, log data, and on-demand reporting through an online portal powered by Accenture
-
Penetration Testing
- Network and web application
penetration testing utilizing both automated tools and manual techniques
- Identification and exploitation
of vulnerabilities through a simulated real-world cyber-attack for risk
assignment
- In-depth reporting on
vulnerabilities, risk, impact, location, recommendations, and references
to mitigate in your environment
-
Vulnerability Assessments
- Both network and web application
vulnerability assessments available.
- Cost-effective solution to
proactively identify and remediate potential attack vectors
- Assessments include network or application
discovery and mapping, asset prioritization, manual vulnerability
verification, vulnerability assessment reporting, remediation tracking
according to business risk, and remediation support
- Available as either single or
regularly recurring (quarterly or monthly) assessments
-
Phishing Engagements
- Leverage technical and
socio-psychological techniques to diagnose end user awareness
- Craft unique and customized
phishing email content, links and attachments, landing pages, forms to
capture user credentials, and personalized content for each target
user
- Extensive report detailing
assessment’s goals, theory, attack method, concluded results, statistics,
campaign effectiveness and conclusions, and recommendations
-
CIS SecureSuite
- Trusted by more than 2,500 organizations
worldwide, CIS SecureSuite® Membership provides integrated cybersecurity
resources to help businesses, nonprofits, government entities, and IT
experts start secure and stay secure.
- CIS SecureSuite®
Members benefit from advanced tools and resources that help speed the
adoption of security best practices from policy to implementation,
including:
- Full-format
CIS Benchmarks: access multiple file formats of our more than 100
consensus-developed secure configuration guidelines for hardening
operating systems, servers, cloud environments, and more across 25+
vendor product families
- CIS-CAT
Pro: automatically assess your system configuration against the CIS
Benchmark recommendations and measure compliance over time
- CIS Build
Kits: quickly and easily remediate at scale and implement security
recommendations across your environment with our automated scripts and
templates
- CIS CSAT
Pro: conduct, track, and assess your implementation of the CIS Controls,
our community-developed cybersecurity best practices
- CIS
WorkBench: collaborate with our global community of IT professionals,
tailor benchmark recommendations to fit your organizational policies, and
easily access membership resources and content
- CIS
Benchmarks™
- Consensus-developed
secure configuration guidelines for hardening operating systems,
servers, cloud environments, and more. The CIS Benchmarks include more
than 100 configuration guidelines across 25+ vendor product families.
- Recognized
as secure configuration best practices that can help organizations meet
compliance for PCI DSS, DoD STIGs, FISMA, FedRAMP, and others.
- CIS
Critical Security Controls® (CIS Controls)
- Prescriptive,
prioritized, and simplified set of critical security controls and
cybersecurity best practices developed by a community of cybersecurity
experts that can help support compliance in a multi-framework era.
- Provide
specific guidance and a clear pathway for organizations to achieve the
goals and objectives described by multiple legal, regulatory, and
policy frameworks, including NIST, PCI DSS, CMMC, and HIPAA.