CIS benchmarks are configuration guidelines published by the Center for Internet Security.

Center for Internet Security (CIS) benchmarks contain over 100 configuration guidelines created by a global community of cybersecurity experts to safeguard various systems against attacks targeting configuration vulnerabilities.

By monitoring compliance against benchmark recommendations, you can remediate issues and improve the security posture of your organization. The custom osquery extension collects the CIS benchmark results, see Live Query Extension Tables.

Use the default benchmarks or create custom benchmarks through the Carbon Black Cloud console. You can customize benchmarks based on your organization’s security requirements and continuously assess your organization’s security posture.

The left navigation pane showing CIS benchmarks option

Important:

Minimum supported Windows sensor version is 3.9.0.2357.

VM Workloads with following OS versions are supported:

  • Windows Server 2012 x64
  • Windows Server 2012 R2 x64
  • Windows Server 2016 x64
  • Windows Server 2019 x64
  • Windows Server 2022 x64

Assets with supported Windows Server OS must be connected to an Active Directory domain to use the CIS Benchmarks feature.