forked from Checkmarx/kics
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a1b3772
commit 9e845e4
Showing
1 changed file
with
24 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| # CIS Certfications | ||
|
|
||
| ## About CIS | ||
| CIS is an independent, nonprofit organization with a mission to create confidence in the connected world. | ||
|
|
||
|
|
||
| ## What are the CIS Benchmarks | ||
| CIS Benchmarks are best practices for the secure configuration of a target system. Available for more than 100 CIS Benchmarks across 25+ vendor product families, CIS Benchmarks are developed through a unique consensus-based process comprised of cybersecurity professionals and subject matter experts around the world. CIS Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia. | ||
|
|
||
| ## KICS Awarded Certifications | ||
| KICS 1.4.4 has been awarded the following certifications: | ||
| - CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 1 | ||
| - CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 2 | ||
| - CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 1 | ||
| - CIS Amazon Web Services Foundations Benchmark v1.4.0, Level 2 | ||
|
|
||
| ## What are the Level 1, Level 2 certifications? | ||
| Most CIS Benchmarks include multiple configuration profiles. A profile definition describes the configurations assigned to benchmark recommendations. | ||
| <br> The Level 1 profile is considered a base recommendation that can be implemented fairly promptly and is designed to not have an extensive performance impact. The intent of the Level 1 profile benchmark is to lower the attack surface of your organization while keeping machines usable and not hindering business functionality. | ||
| <br> The Level 2 profile is considered to be "defense in depth" and is intended for environments where security is paramount. The recommendations associated with the Level 2 profile can have an adverse effect on your organization if not implemented appropriately or without due care. | ||
|
|
||
| ## Additional Info | ||
| - https://www.cisecurity.org/cis-benchmarks/cis-benchmarks-faq/ | ||
| - https://www.cisecurity.org/partner/checkmarx/ |