• Report an IT Security Incident
  • Request Help
  • Help & Support
    • Working/Learning Remotely
    • Request Help
    • Live Chat
    • Track a Ticket
    • Knowledge Base
    • Getting Started
    • Contact Us
    • ITS Alerts Sign Up
  • Service Catalog
    • Accounts & Access
    • Communications & Collaboration
    • Computers & Software
    • Data, Reporting & Analytics
    • Network & Internet Services
    • Pilot Services
    • Professional Services
    • Research Computing
    • Teaching & Learning
    • University Applications
    • Web, Servers & Hosting
  • About ITS
    • Our Team
    • Strategic Plan
    • Annual Reports
    • Awards
    • Student Employment
  • Working with ITS
    • Architectural Standards Review Board
    • Projects & Project Management
    • Technology Investment Request Lifecycle
    • Governance Committees
    • Business Intelligence
    • Enterprise Data Integration Services (EDIS)
    • GMU-TV
    • IT Security Office
  • Alerts & Bulletins
    • Unplanned Outages
    • Phishing Alerts
    • Maintenance
    • Bulletins
    • Spotlights
    • After Action Reports
    • Archives
  • Report an IT Security Incident
  • Request Help
X Hide

Information Technology Services

Skip to content
  • Help & Support
    • Working/Learning Remotely
    • Request Help
    • Live Chat
    • Track a Ticket
    • Knowledge Base
    • Getting Started
    • Contact Us
    • ITS Alerts Sign Up
  • Service Catalog
    • Accounts & Access
    • Communications & Collaboration
    • Computers & Software
    • Data, Reporting & Analytics
    • Network & Internet Services
    • Pilot Services
    • Professional Services
    • Research Computing
    • Teaching & Learning
    • University Applications
    • Web, Servers & Hosting
  • About ITS
    • Our Team
    • Strategic Plan
    • Annual Reports
    • Awards
    • Student Employment
  • Working with ITS
    • Architectural Standards Review Board
    • Projects & Project Management
    • Technology Investment Request Lifecycle
    • Governance Committees
    • Business Intelligence
    • Enterprise Data Integration Services (EDIS)
    • GMU-TV
    • IT Security Office
  • Alerts & Bulletins
    • Unplanned Outages
    • Phishing Alerts
    • Maintenance
    • Bulletins
    • Spotlights
    • After Action Reports
    • Archives

Knowledge Base

Home > Help & Support > Knowledge Base > Security > System Admin > What are CIS Security Benchmark tools?

What are CIS Security Benchmark tools?

The CIS Security Benchmarks division provides well-defined, unbiased and consensus-based industry best practices to help organizations assess and improve their security. Resources include secure configuration benchmarks, automated configuration assessment tools and content, security metrics, and security software product certifications.

The Security Benchmarks division is recognized as a trusted, independent authority that facilitates the collaboration of public and private industry experts to achieve consensus on practical and actionable solutions.

The CIS Security Benchmarks Division develops and distributes:

  • Security Configuration Benchmarks - describe consensus best practices for the secure configuration of target systems and are developed via extensive collaboration with our volunteer consensus community. Configuring IT systems in compliance with these Benchmarks has been shown to eliminate 80-95% of known security vulnerabilities. The Benchmarks are globally used and accepted as the de facto user-originated standard for IT security technical controls. The Benchmarks are freely available for download in PDF format.
  • Security Metrics - offer enterprise IT and security teams insight into their own security process outcomes and are developed via extensive collaboration with our volunteer consensus community. The metrics are freely available to the public for download, including the CIS Quick Start Guide for Consensus Security Metrics.
  • The CIS-CAT Benchmark Assessment Tool - provides IT and security professionals with a fast, detailed assessment of target systems' conformance to CIS Benchmarks. By discovering any lack of conformance to CIS Benchmarks, CIS-CAT offers enterprises a powerful tool for analyzing and monitoring the security status of information systems and the effectiveness of internal security processes.
    • CIS-CAT is a SCAP-validated FDCC Scanner
    • CIS-CAT is available to CIS Security Benchmarks members

For a full list of resources offered, along with descriptions and examples, visit the CIS Security Benchmarks Security Resources page.

Last modified: December 11, 2018

Next

How to Access Center for Internet Security (CIS) Security Benchmarks Tools

Related articles

  • How to Access Center for Internet Security (CIS) Security Benchmarks Tools

Get Started at Mason

Whether you are a student, faculty, staff member, or a guest visiting the Mason campus, we have resources to help get you started.

Read More

Quick Links

Patriot Pass Password Reset
Submit a Ticket
Track a Ticket
PuTTY
Cisco AnyConnect VPN

Read More

Explore IT Services

A B C D E F G
H I J K L M N
O P Q R S T U
V W X Y Z #

© 2022 George Mason University
4400 University Drive
Fairfax, Virginia 22030

Latest tweet

George Mason ITSFollow

The official Twitter page for George Mason University's Information Technology Services

George Mason ITS
Retweet on TwitterGeorge Mason ITS Retweeted
George Mason University@GeorgeMasonU·
13 May

.@GeorgeMasonU will require all students, faculty, staff, and guests in attendance at @eaglebankarena and all indoor degree celebrations to wear masks to create as safe an environment as possible. #Mason2022 🎓

Read the full statement from @GMUPres ➡️: https://www.gmu.edu/news/2022-05/updated-mask-requirements-commencement

Reply on Twitter 1525128931585695750Retweet on Twitter 152512893158569575019Like on Twitter 152512893158569575047
View All
ITS Support Center
703-993-8870
support@gmu.edu
live chat
Monday – Thursday, 8 a.m. – 9 p.m.
Friday, 8 a.m. – 5 p.m.
Saturday, Closed
Sunday, 1 p.m. – 9 p.m.
(closed Thursday 3 p.m. – 4 p.m. for a team meeting)
  • Webmaster