How to meet STIG compliance and achieve OS security with CIS – Guide
Public sector organizations, and the contractors and consultants that work with them, know the importance of complying with the Defense Information Systems Agency's (DISA) Security Technical Implementation Guides (STIGs). These configuration standards apply to DoD Information Assurance (IA) and IA-enabled devices and systems.
CIS has released a guide to help organizations meet DISA STIG requirements.
CIS Benchmarks and Hardened Images for OS security
CIS maintains a community of cybersecurity professionals who develop consensus-based security configuration guidelines that are accepted across industry, government, academia and business. Operating systems are one of the largest categories covered by the CIS Benchmarks.
Organizations can use CIS Hardened Images to secure cloud workloads. These pre-configured virtual machine (VM) images bring the CIS Benchmark configuration to the public cloud. Every CIS Hardened Image ships with a CIS-CAT Pro assessment report, so evidence of conformance to the Benchmark is available immediately. CIS also updates these images regularly to apply security patches.
Operating system security and DISA STIG compliance with CIS
CIS Benchmarks are an accepted standard for meeting the requirements of relevant regulatory frameworks. CIS Hardened Images already have these standards applied to the VM image, which saves time and resources.
The DoD Cloud Computing Security Requirements Guide (SRG) states that CIS Benchmarks are an acceptable alternative to the STIGs. The SRG describes how a CIS Benchmark is evaluated to determine whether it is an acceptable alternative for assessment purposes.
The use of STIGs and SRGs by cloud service providers (CSPs) is preferred, but industry-standard baselines such as the Center for Internet Security (CIS) Benchmarks are accepted as an alternative to STIGs and SRGs.
Although DoD explicitly accepts CIS Benchmarks, many organizations are still required to apply STIGs to DoD IA and IA-enabled devices and systems. CIS therefore publishes a set of STIG Benchmarks that map directly to the STIG requirements for operating system security, and builds virtual machine images configured to the CIS STIG Benchmark. These images provide OS hardening that helps meet STIG compliance in the public cloud.
New: CIS STIG compliance feature update
If you are already familiar with CIS STIG Benchmarks, note that the STIG profile has been updated. The new STIG profile makes it easier to identify all STIG-specific recommendations. The other profiles, Level 1, Level 2 and Next Generation, are also overlaid within the STIG profile. Where a recommendation in the STIG profile conflicts with a recommendation in the CIS Benchmark, the conflict is called out in the recommendation's description.
The Additional Information section of the CIS STIG Benchmark lists the system requirements for STIG compliance. This section covers platform, processor and memory requirements, as well as other system-related requirements.
STIG Benchmark version 1.0.0 was released on October 3, 2017.
What’s to come for CIS STIG compliance
CIS STIG Hardened Images are available in the AWS, Azure, GCP and Oracle Cloud marketplaces, with four different images offered across these clouds.
CIS STIG Hardened Images provide a hardened configuration for public cloud workloads. Customers get a pre-configured virtual machine that meets STIG compliance requirements.
CIS offers a range of resources to support operating system security and STIG compliance.
Final note
This guide is for anyone who wants to achieve OS security with CIS. If you have any questions about this article, please ask us, and share it with others who may benefit from it.