Going forward we plan to release updates to kube-bench to add support for new releases of the CIS Benchmark. Kindly read Contributing before contributing.
This means most likely you will find it has already updated to the latest version of the Analyzer as well as knowledge definitions.Īs you can see below, we are running the 4.1.0.0 version which is the latest at the time of this writing.Kube-bench-j76s9 0/1 ContainerCreating 0 3s
#CIS BENCHMARK SCANNER UPDATE#
The great thing about the Runecast Analyzer appliance is that it is set to auto update by default. Go to Settings > Updates and make sure you are Up to date. Verify that your appliance is running the Runecast Analyzer 4.1 version.
#CIS BENCHMARK SCANNER HOW TO#
Let’s take a look at how to setup the new CIS Benchmark scans against your vSphere environment. This helps to give even more visibility to potential security issues found in your VMware vSphere environment based on the findings of the CIS benchmark framework. With the latest release of Runecast, Runecast Analyzer 4.1, it now gives you the ability to flag on the CIS Benchmark as part of the compliance checks that are ran against your VMware vSphere environment. Level 2 recommends security settings for environments requiring greater security that could result in some reduced functionality.ĬIS Critical Security Controls VMware Scan with Runecast 4.1.Level 1 recommends essential basic security requirements that can be configured on any system and should cause little or no interruption of service or reduced functionality.
#CIS BENCHMARK SCANNER ISO#
The CIS controls in themselves map to well known security standards such as NIST, ISO 27000, PCI DSS, HIPAA, etC.ĬIS CSC benchmarks provide two levels of security settings: Each of the recommendations point to one or more CIS controls to help improve overall cybersecurity defenses. The “Benchmarks” portion of the CIS Benchmarks include configuration baselines and best practices for securely configuring a system. The CIS Benchmark is developed from the expertise of industry professionals including cyber security and IT pros from a wide range of industries. It is a nonprofit organization that sets out to identify, develop, validate, promote, and sustain best practice solutions for cyber defense. What is the CIS Benchmark?ĬIS stands for Center for Internet Security. The “blast radius” is much larger with any kind of security compromise in a virtualized environment. More is simply at stake when it comes to hypervisors since multiple workloads are running on top of your hypervisor instead of just one. Especially, after the Spectre and Meltdown scare of 2018, hypervisors have been under even more scrutiny for side-channel type attacks as well as general security best practices. In fact, it seems like it becomes more and more important with each passing quarter and each passing year in IT and across the landscape of IT infrastructure. Security couldn’t be a more relevant topic in today’s infrastructure. What is this? Let’s take a look at CIS Critical Security Controls VMware scan with Runecast 4.1 and see how this new release helps you to align your vSphere environment with the CIS benchmark. The recent release of Runecast 4.1 adds an additional powerful compliance check called the CIS Benchmark. Having the right tools to implement security and security best practices in your VMware vSphere environment is critical to a successful security posture.
0 kommentar(er)
