CIS Benchmark Scanning

Utilize CIS Benchmark Scanning to verify your compliance with industry standard security best practices.

What is CIS Benchmark Scanning?

According to CIS Security, CIS Benchmarks are best practices for the secure configuration of a target system.

We support the following CIS Benchmarks:

Windows
CIS Windows 10 Enterprise v4.0.0
CIS Windows 10 Enterprise with BitLocker v4.0.0
CIS Windows 10 Enterprise with BitLocker, NextGen v4.0.0
CIS WIndows 11 Enterprise v4.0.0
CIS Windows 11 Enterprise with BitLocker v4.0.0

Create a CIS Scan

There are a couple of ways to access and use CIS Benchmark Scans. If auto-enabled credentials are being used for the CIS Benchmark scanning, the default CIS Benchmark Scan profile can be used.

  1. Create a new scan policy or copy an already existing one. For more information on creating and running scans, see Create and Run Scans.
  2. From the navigation menu, select Scans > Scan Policies.
  3. Look for CIS Benchmark Scan, and then select the Copy & edit button. A new window opens.
  4. Rename the Scan Policy to something unique.
  5. Select Credentials from the top tab.
  6. Toggle Compliance Scanning to ON.
  7. Under Select Credentials, select the credentials you want to add.
    8. NOTE: See Add Credentials for more information on Credentials.
  8. If needed, add credentials by selecting + Add Credential.
  9. Complete the rest of the fields as needed.
  10. Select Save, or Add Another (if necessary).

Run a CIS Scan

  1. From the navigation menu, select Scans > Scan Activity.
  2. Select + New scan.
  3. Under General Settings, select Advanced.
  4. Under Policy Options, select the CIS Compliance scan you renamed in step 4 of Create a CIS Scan from the Scan Policy list.
  5. Complete the rest of the settings as needed.
  6. Select Create and run.

The new scan will be added to the Upcoming Scheduled Scans list. From this screen you can edit or delete the scan.