CIS Benchmarks and Compliance
Organizations need to understand how well their systems are configured to CIS benchmarks and best practices
The Center of Internet Security (CIS) is a non-for-profit organization that develops their own Configuration Policy Benchmarks, or CIS benchmarks, that allow organizations to improve their security and compliance programs and posture. This initiative aims to create community developed security configuration baselines, or CIS benchmarks, for IT and Security products that are commonly found throughout organizations. You can use our vulnerability management solution, Nexpose which is now a CIS Security Benchmarks Certified Product, to help you determine your level of compliance with the CIS benchmarks.
Here's how Rapid7 can help you with CIS Benchmarks:
Check and report on your compliance to CIS benchmarks
You can use Nexpose to easily and automatically check the settings on all the assets in your organization to determine their overall level of compliance to CIS benchmarks in one unified solution.
Give you a unified view of your overall CIS benchmarks and compliance
Nexpose scans all of your assets for the overall level of compliance for CIS benchmarks and policies. You can use Nexpose to determine the overall level of compliance across the organization for each of the CIS benchmarks that you are interested in.