Awards and Recognition
CIS Benchmarks
In this article:

London, U.K., 30 June 2020 – Runecast Solutions Ltd., a leading provider of patented, predictive analytics for VMware and AWS environments, today announced that its Runecast Analyzer has been certified by CIS Benchmarks™ to compare the configuration status of [Virtualization and Cloud Providers] against the consensus-based best practice standards contained in the [CIS Benchmarks for VMware ESXi 6.5, VMware ESXi 6.7, and Amazon Web Services Foundations]. Organizations that leverage Runecast Analyzer can now ensure that the configurations of their critical assets align with the CIS Benchmarks consensus-based practice standards.

Stanimir Markov, CEO and Co-Founder of Runecast, stated:

“We are pleased to be awarded a CIS Benchmark Certification. Our mission is to provide customers with automated insights and a proactive approach to security compliance and business continuity. This certification certainly helps us to achieve that.”

Runecast Analyzer discovers potential issues in configuration and hardware compatibility. Additionally, it automates compliance checks for VMware and AWS security hardening guidelines and complex security standards like NIST, PCI DSS, DISA STIG, HIPAA, or BSI IT-Grundschutz. CIS Benchmarks are now also included in Runecast Analyzer’s secure on-premises (and even offline) monitoring capabilities.

Forward-focused organizations already using Runecast Analyzer to mitigate service risks and ensure maximum uptime and security within their data centers include (among many others) Chevron, Erste Bank, Raiffeisen Bank, de Volksbank, Fujisoft, Scania, Avast Software, the NHS, and the German Aerospace Center (DLR).

This certification is issued by CIS® (Center for Internet Security, Inc.). “Cybersecurity challenges are mounting daily, which makes the need for standard configurations imperative. By certifying its product with CIS, Runecast has demonstrated its commitment to actively solve the foundational problem of ensuring standard configurations are used throughout a given enterprise,” said Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group.

Mr. Markov added:

“Our customers report increased uptime, 100% audit-readiness for security compliance, and as much as 80% operational-time savings.”

In order for a product to receive the CIS Benchmarks Certification, a vendor must adapt its product to accurately report to the security recommendations in the associated CIS Benchmarks profile. CIS Certified Security Software Products demonstrate a strong commitment by the vendors to provide their customers with the ability to ensure their assets are secured according to consensus-based best practice standards. 

The CIS Benchmarks program is a trusted, independent authority that facilitates the collaboration of public and private industry experts to achieve consensus on practical and actionable solutions. CIS Benchmarks are recommended as industry-accepted system hardening standards and are used by organizations in meeting compliance requirements for Federal Information Security Management Act, PCI, Health Insurance Portability Accountability Act, and other security requirements.

Watch webinar to learn more

About CIS®

(Center for Internet Security, Inc.) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cyber threats. The CIS Controls™ and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. Our CIS Hardened Images™ are virtual machine emulations preconfigured to provide secure, on-demand, and scalable computing environments in the cloud. CIS is home to both the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center™ (EI-ISAC™), which supports the cybersecurity needs of U.S. State, Local and Territorial elections offices. To learn more, visit or follow us on Twitter: @CISecurity.

Meet other Runecasters here: