Automate Compliance Checks for CIS Benchmarks in VMware SDDCs

Yes, organizations and admins can manually check for CIS Security Benchmarks with lots of DIY effort. But why? It’s difficult, extremely time consuming, and potentially inaccurate for admins to personally control that their infrastructure is compliant.

Center for Internet Security (CIS) is an industry-standard for secure configuration guidance. CIS Benchmarks, also known as CIS Security Standards for VMware, have been added to the expanding list of compliance standards available in Runecast Analyzer. The recently added feature gives admins an automated way to ensure that their networks are fully compliant with the latest security standards, benchmarks and checklists from CIS.

Aiming to be “objective, consensus-driven,” the CIS checklist for VMware security standards has been established via input from various cybersecurity experts.

Automated CIS Benchmark checks help you go home on time

Runecast users are able to immediately run the automated CIS Benchmark checklist after downloading the on-premises Runecast Analyzer and connecting it to their vCenter. All analysis is done locally on-prem, with no sensitive data sent beyond the organization’s walls.

The list of CIS Security Standards for VMware networks is just the latest set of industry standards to be included in Runecast Analyzer. Other standards that receive automated compliance assistance from Runecast include BSI for the German public sector, DISA STIG for government and defense, HIPPA for the healthcare industry, and PCI DSS for the banking and financial sector. In addition to these benchmarks for VMware-driven SDDCs, companies running hybrid cloud operations with Amazon’s AWS can check for compliance with PCI DSS (with more AWS benchmarks already on the R&D roadmap).

“Many security standards run concurrently, so organizations need to know they are fully compliant with CIS as well as, for example, PCI DSS or HIPAA. With Runecast, they can cover any gaps – compliance and security checks for the multiple standards out there – and it’s all automated, done by a single solution, on-prem for maximum security,” said Runecast CTO Aylin Sali.

Here are three steps to ensure compliance with CIS Benchmarks

1. Improve your security posture automatically.

Know in advance about any possible misconfiguration or security non-compliance that could endanger the network. Automated checks let you get right to work, knowing that you’re getting insights, proactively, about all known security vulnerabilities and how to remediate them before they turn problematic. To be even more proactive, put Runecast Analyzer’s checks against Best Practices and KBs to good use as well.

With automated checks for CIS Benchmarks, you can sort the issues by a severity which is used in official CIS Security standards reports. 

2. Get your compliance together

Make sure your VMware stack is fully compliant with CIS standards and other security compliance rules covered by Runecast Analyzer, such as NIST, HIPAA, PCI DSS, DISA STIG, or BSI IT-Grundschut, according to the needs of your specific industry vertical.

3. Secure compliance and configuration in minutes

After downloading the Runecast Analyzer and connecting to the vCenter, the automated security compliance checks start running (keeping everything on-prem).

In the Inventory view, you can see the number of objects affected by a potential security issue, so it’s easy to discover which parts of your infrastructure might be at risk.

14-day free trial of Runecast Analyzer

Try the automated CIS Security Standards checks yourself with a free trial.

Get Free Trial