The Center for Internet Security (CIS) Security Benchmarks division provides well-defined, unbiased and consensus-based industry best practices to help organizations assess and improve their security. CIS certification is often considered to be the gold standard in configuration benchmarks. That’s why we are thrilled to announce that the CIS has certified that EiQ’s core set of Windows and Linux policies meet the technical standards contained in the CIS Benchmarks. Of note: EiQ’s SecureVue 3.6.6 has received certification from the Center for Internet Security (CIS) for its ComplianceVue® policies
ComplianceVue collects configuration data from a wide variety of IT assets and audits against CIS Benchmarks, DISA STIGs, and/or custom policies to detect poorly configured systems that may be vulnerable to cyber-attack. This is especially useful for organizations that operate in highly regulated industries like the Federal Government, retail and credit card processing, healthcare and others.
Poorly configured or misconfigured systems are the ‘low-hanging fruit’ that most entices malicious attackers and malware, and security professionals spend an inordinate amount of time tracking down and eliminating one-off configurations that can expose an otherwise secure network to major threats. With ComplianceVue, companies can rely on real-time notification of any configuration changes that impact security to allow the organization to react to security threats faster and reduce the risk of a breach.
The CIS Security Benchmarks division is recognized as a trusted, independent authority that facilitates the collaboration of public and private industry experts to achieve consensus on practical and actionable solutions. Because of this reputation, its resources are recommended as industry-accepted system hardening standards and are used by organizations in meeting compliance requirements for FISMA, PCI, HIPAA and others. EiQ is proud to be recognized by the Center for Internet Security as we continue to foster a new culture around information security driven as much by people and process as it is by technology.