CIS Benchmarks and Compliance

Organizations need to understand how well their systems are configured to CIS benchmarks and best practices

The Center of Internet Security (CIS) is a non-for-profit organization that develops their own Configuration Policy Benchmarks, or CIS benchmarks, that allow organizations to improve their security and compliance programs and posture. This initiative aims to create community developed security configuration baselines, or CIS benchmarks, for IT and Security products that are commonly found throughout organizations. You can use our vulnerability management solution, Nexpose which is now a CIS Security Benchmarks Certified Product, to help you determine your level of compliance with the CIS benchmarks.

Here's how Rapid7 can help you with CIS Benchmarks

Check the settings on all assets and determine the compliance to CIS benchmarks

Check and report on your compliance to CIS benchmarks

You can use Nexpose to easily and automatically check the settings on all the assets in your organization to determine their overall level of compliance to CIS benchmarks in one unified solution.

Use Nexpose to see how you comply with CIS benchmarks

Give you a unified view of your overall CIS benchmarks and compliance

Nexpose scans all of your assets for the overall level of compliance for CIS benchmarks and policies. You can use Nexpose to determine the overall level of compliance across the organization for each of the CIS benchmarks that you are interested in.

Free Nexpose Enterprise Trial

Use Nexpose Enterprise to see your overall level of compliance to CIS benchmarks

Start Full Trial