Skip to content

Glossary

CIS Benchmarks

Guidelines for hardening specific operating systems, middleware, software applications, and network devices. Mapped to the CIS Critical Security Controls (CIS Controls), the CIS Benchmarks elevate the security defenses for cloud provider platforms and cloud services, containers, databases, desktop software, server software, mobile devices, network devices, and operating systems.

With the CIS SecureSuite Platform, users can run automated or manual assessments of their systems' security posture against the CIS Benchmarks.

CIS Critical Security Controls

A general set of recommended practices for securing a wide range of systems and devices. The Controls are a list of high-priority, highly effective defensive actions that provide a “must-do, do-first” starting point for every enterprise seeking to improve their cyber defense.

With the CIS SecureSuite Platform, organizations can conduct self-assessments of their implementation of the CIS Controls.

CIS Safeguards

A specific action that can be implemented or activity that can be performed to improve an organization’s cyber defense program.

CIS Safeguards were known as CIS Sub-Controls prior to CIS Controls v8.

CIS SecureSuite Platform

A self-managed web application installed at a Member's premise that combines the functionality of the the CIS Configuration Assessment Tool (CIS-CAT) Pro Dashboard and Controls Self Assessment Tool (CIS CSAT) Pro in a single platform.

CIS-CAT Pro Assessor

The tool to evaluate posture information collected from a target system against CIS Benchmarks.

CIS-CAT Pro Dashboard

The tool to view and evaluate configuration assessment results. CIS-CAT Pro Dashboard uses the Benchmark assessment reports generated by CIS-CAT Pro Assessor.

CIS CSAT Pro

The tool to perform self-assessments against the CIS Controls.

Configuration Assessment

The process of evaluating a target system's overall risk posture against the CIS Benchmarks.

Reports

The results of your assessments. Different formats are offered depending on the use case.

SecureSuite License

A SecureSuite License is required for the CIS SecureSuite Platform. If a valid license is not present, the CIS SecureSuite Platform will not install or upgrade. If the CIS SecureSuite Platform is installed but your license expires, certain functionality is restricted.

Target System

Endpoints in your environment that have been or will be assessed with CIS-CAT Pro Assessor or the CIS SecureSuite Platform.