RedLock is now a part of Palo Alto Networks - READ MORE

CIS Compliance

Quick, Simple CIS Compliance Reporting and Management for Public Cloud Computing Environments

Ensure Continual CIS Compliance

CIS Benchmarks are configuration guidelines developed by experts in US government, business, industry, and academia to help organizations assess and improve their security. These benchmarks, developed by the nonprofit Center for Internet Security (CIS), are consensus-based and provide a broad baseline to safeguard private and public organizations against cyber threats. CIS Benchmarks are often viewed as the global standard and are recognized best practices for securing IT systems and data against the most pervasive attacks.

CIS Benchmarks are well-defined and, due to their consensus-based approach, generally viewed as unbiased. Consensus participants provide perspective from a diverse set of backgrounds including consulting, software development, audit and compliance, security research, operations, government, and legal. CIS Benchmarks are used by thousands of enterprises as the basis for security configuration policies and the de facto standard for IT configuration best practices.

For organizations that operate using public cloud computing environments, meeting both CIS Benchmark requirements and the shared responsibility model of cloud computing provides a sound compliance framework. The shared responsibility model stipulates that cloud service providers are responsible for securing the underlying infrastructure that supports the cloud, while their customers are responsible for security in the cloud. Adherence to the shared responsibility model does not negate an organization’s responsibility to also embrace CIS.

Cloud Security Shared Responsibility Model

For any organization that operates in a public cloud environment, adherence to both CIS and the shared security model is a must. Fortunately, RedLock is here to help organizations meet both requirements.

CIS Compliance Made Simple with the RedLock Cloud 360 Platform

Cloud Resource Discovery

RedLock automatically discovers cloud resources as soon as they are created, and then immediately profiles them to understand which policies to assess for CIS compliance.

Compliance Dashboard

Compliance and security teams can easily view, monitor and report on the CIS compliance status of all public cloud environments, quickly noting resources that pass and fail the CIS requirements.

Continuous Monitoring and Remediation

RedLock continuously monitors cloud computing resources for violations and automatically alerts the appropriate for remediation.

Audit Reporting

RedLock not only enables you to report on your current CIS compliance posture, but also maintains historical snapshots of your environment, enabling you to prove compliance for any past periods.

CIS Reporting Features

Real-time CIS Compliance Dashboard

Real-time CIS Compliance Dashboard

RedLock’s custom compliance dashboard enables organizations to create their control panel to view and manage CIS compliance, including a summary for all your public cloud computing environments. With RedLock, you can easily and quickly see the number of resources passing and failing compliances checks.

Powerful CIS Audit Reporting

During an audit, organizations are asked to prove compliance for a given time period. This poses significant challenges in public cloud computing environments where users are constantly making changes without a security review. RedLock enables you to report on your current compliance posture, including CIS, and also maintains historical snapshots of your environment, enabling you to prove compliance for any past periods as well.

CIS Compliance Report

See CIS Reporting on the RedLock Cloud 360 platform

Get a demo to see how RedLock can help you and your organization with compliance assurance, including CIS Compliance, security governance, and SOC enablement.

Get a Demo