The Center for Internet Security (CIS) is a non-profit organization focussed on improving public and private sector cybersecurity readiness and response. The CIS Critical Security Controls (CSC) are a recommended set of actions for cyber defense that provide specific and actionable ways to stop today’s most pervasive and dangerous attacks. A principal benefit of the Controls is that they prioritize and focus a smaller number of actions with high pay-off results.
The CIS Benchmarks, also known as CIS Security Standards, comprise 140+ configuration guidelines for various technology groups to safeguard systems against today’s evolving cyber threats. The process of checking for compliance within your AWS and VMware environments can be arduous and costly, and any kind of manual checks are subject to human error.
Runecast Analyzer automates the process of checking both VMware vSphere and native AWS public cloud resources for compliance against CIS standards – in total, 147 checks. Findings against both Level 1 and Level 2 recommendations are detailed, with each finding linked to the affected objects.
With Runecast Analyzer, you get year-round, 24/7 visibility into your audit compliance posture. It allows you to get immediate visibility into risks and non-compliances inherent in your environment, allowing you to identify gaps between where you are and a fully compliant state, and also show as soon as any objects move out of compliance. Additionally, each finding details on how to manually audit and remediate any non-compliances.
The solution runs entirely on-premises, with no data leaving your control. All analysis takes place on the Runecast Analyzer appliance. Additionally, Runecast Analyzer is CIS Certified for both AWS and VMware vSphere. Move to a more proactive way of handling your compliance requirements!