Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

CIS Audit Summary

by Stephanie Dunn
March 30, 2017

When dealing with compliance regulations, each organization can face a variety of potential risks. Without having a full understanding of an organization’s risk exposure, critical systems and data will be at risk for attacks or data leakage. The Center for Internet Security (CIS) developed a series of best practice benchmarks for a variety of applications, operating systems, servers, and databases used within organizations today. Each benchmark contains recommended security settings designed to harden systems and applications from attack while maintaining overall system functionality. The components in this dashboard present a summary of results gathered from CIS compliance scans using the CIS Benchmarks.

Tenable has been certified by CIS to perform a wide variety of platform and application audits based on the best practice consensus benchmarks developed by CIS. Tenable submits example test cases for all of the criteria within each unique benchmark, and then submits our results to CIS personnel for official certification. Tenable has developed audit files based on the CIS Benchmarks tested on systems, and has been approved and certified by CIS staff members.

When performing managed scans with SecurityCenter, some CIS audits require additional patch audits and vulnerability checks. Any additional requirements for completing an audit using the CIS Benchmarks will be included within the audit file description text. In some cases, multiple scans may be required, as Tenable provides both Level 1 and Level 2 audit checks. Level 1 checks provide minimum settings recommendations, and are generally considered safe to apply to most systems. Level 2 checks include recommendations for complex or highly secure environments, and can lead to reduced functionality of systems within the network.

Information presented within this dashboard includes a summary of CIS audit checks currently supported by Tenable. Results will highlight one of three severity levels that will provide valuable information analysts can use to harden systems within the enterprise. The informational severity level is considered “Passed”, indicating that the configuration setting matches the expected result of the audit check. Results assigned a medium severity must be evaluated by an analyst to determine whether the results are accurate or not. When an audit check fails, the severity is set to high, indicating that the collected result and the expected result do not match. Each failure should be reviewed, fixed, and re-scanned to ensure that the system has been secured properly. Using these benchmarks will help to assess the effectiveness of existing security controls on systems, and provide the critical context needed to strengthen an organization's security posture.

If needed, audit files can be modified to an organization’s specific requirements. Additional information on how to edit audit files can be found within the “Nessus Compliance Checks” document in the Support Portal.

The dashboard is available in the SecurityCenter Feed, a comprehensive collection of dashboards, reports, Assurance Report Cards, and assets. The dashboard can be easily located in the SecurityCenter Feed under the category Compliance & Configuration Assessment. The dashboard requirements are:

  • SecurityCenter 5.2.0
  • Nessus 6.10.0
  • CIS Audit Files
  • Compliance Data

In order to maintain the overall security of systems and data within the enterprise, organizations must have an effective and repeatable way to measure compliance results. Tenable SecurityCenter helps organizations obtain results using the CIS Benchmarks by measuring compliance in real time, providing an accurate assessment of an organization’s security posture. By prioritizing remediation actions of misconfigured systems, the organization can maximize their investment in compliance reporting and system hardening efforts. With more supported technologies than any other vendor, Tenable assists organizations in obtaining the most comprehensive view of the network and the intelligence needed to assess and protect systems using CIS compliance standards.

The following components are included within this dashboard:

  • CIS - Amazon & Debian Linux Benchmarks: This matrix component presents a summary of audit checks performed on systems running Amazon Linux, Debian Linux, BIND DNS Server, and other distributions of Linux on x86 and x64 platforms.
  • CIS - Apache Benchmarks: This matrix component presents a summary of audit checks performed on systems running Apache HTTP Servers and Apache Tomcat.
  • CIS - Apple Benchmarks: This matrix component presents a summary of audit checks performed on systems running Apple macOS.
  • CIS - CentOS Linux Benchmarks: This matrix component presents a summary of audit checks performed on systems running CentOS Linux.
  • CIS - Cisco Benchmarks: This matrix component presents a summary of audit checks for Cisco IOS on Cisco routing, switching, and firewall appliances.
  • CIS - Desktop Applications Benchmarks: This matrix component presents a summary of audit checks performed on systems running Microsoft Internet Explorer, Microsoft Office 2007, Microsoft Outlook 2010, and Google Chrome.
  • CIS - Docker Benchmarks: This matrix component presents a summary of audit checks performed on systems running Docker containers.
  • CIS - HPUX & Solaris Benchmarks: This matrix component presents a summary of audit checks performed on systems running HP-UX and Solaris operating systems.
  • CIS - IBM Benchmarks: This matrix component presents a summary of audit checks performed on systems running IBM AIX and IBM DB2.
  • CIS - Juniper Junos Benchmarks: This matrix component presents a summary of audit checks performed against Juniper Routers running JUNOS.
  • CIS - Microsoft IIS Benchmarks: This matrix component presents a summary of audit checks performed on systems running Microsoft Internet Information Server (IIS) versions 5 through 8.5.
  • CIS - Microsoft Servers Benchmarks: This matrix component presents a summary of audit checks performed on systems running Microsoft Windows Server and Microsoft Exchange Server 2007.
  • CIS - Microsoft SQL Server Benchmarks: This matrix component presents a summary of audit checks performed on systems running Microsoft SQL Server.
  • CIS - Microsoft Workstations Benchmarks: This matrix component presents a summary of audit checks performed on systems running Microsoft Workstation operating systems.
  • CIS - MySQL Benchmarks: This matrix component presents a summary of audit checks performed on systems running MySQL server.
  • CIS - Oracle Benchmarks: This matrix component presents a summary of audit checks performed on systems running Oracle Database Servers and Oracle Linux 6.
  • CIS - Red Hat Enterprise Linux Benchmarks: This matrix component presents a summary of audit checks performed on systems running Red Hat Enterprise Linux Servers.
  • CIS - SUSE & Ubuntu Linux Benchmarks: This matrix component presents a summary of audit checks performed on systems running SUSE Linux Enterprise Servers and Ubuntu LTS Servers.
  • CIS - VMWare ESXi Benchmarks: This matrix component presents a summary of audit checks performed on systems running VMWare ESXi.