CIS Certifications¶
About CIS¶
CIS is an independent, nonprofit organization with a mission to create confidence in the connected world.
What are the CIS Benchmarks¶
CIS Benchmarks are best practices for the secure configuration of a target system. Available for more than 100 CIS Benchmarks across 25+ vendor product families, CIS Benchmarks are developed through a unique consensus-based process comprised of cybersecurity professionals and subject matter experts around the world. CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.
KICS Previously Awarded Certifications¶
KICS has been awarded the following certifications:
- CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 1
- CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 2
KICS has been awarded the following certifications:
- CIS Kubernetes Benchmark v1.6.1, Level 1 - Master Node
- CIS Kubernetes Benchmark v1.6.1, Level 1 - Worker Node
- CIS Kubernetes Benchmark v1.6.1, Level 2 - Master Node
- CIS Kubernetes Benchmark v1.6.1, Level 2 - Worker Node
What are the Level 1, Level 2 certifications?¶
Most CIS Benchmarks include multiple configuration profiles. A profile definition describes the configurations assigned to benchmark recommendations.
The Level 1 profile is considered a base recommendation that can be implemented fairly promptly and is designed to not have an extensive performance impact. The intent of the Level 1 profile benchmark is to lower the attack surface of your organization while keeping machines usable and not hindering business functionality.
The Level 2 profile is considered to be "defense in depth" and is intended for environments where security is paramount. The recommendations associated with the Level 2 profile can have an adverse effect on your organization if not implemented appropriately or without due care.
Additional Info¶
- https://www.cisecurity.org/cis-benchmarks/cis-benchmarks-faq/