Did you know? Neovera provides Center for Internet Security (CIS) Administration Services

23 Oct

Analyze, assess, remediate.

The Center for Internet Security (CIS) is a non-profit organization that provides security benchmarks that are used to harden common operating systems and software. System hardening is the process of securely configuring computer systems, to eliminate as many security risks as possible. While default security configurations for many products have improved greatly over the years, some options and settings favor ease of use over security, exposing vulnerabilities that can be used to compromise a system.

The biggest challenge clients face with their CIS benchmarking efforts is the remediation of identified issues within their systems. Neovera can help.

With Neovera’s CIS Administration Services, we have the expertise to remediate or apply compensating controls for all CIS Benchmark deviations for operating systems, database servers, network devices, and virtualization. Neovera makes continuous compliance with CIS benchmarks easy and straightforward, providing up-front assessments and ongoing analysis to ensure your configurations remain in conformance with best practices.

Neovera’s comprehensive CIS Administration Services include:

  • System(s) assessment
  • Identification of system deviations from CIS benchmarks
  • Solutions and instructions for remediating any deviations
  • Remediation of any deviations

Neovera will:

  • Verify each finding and eliminate false-positives.
  • Identify possible solutions to remediate or provide a compensating control for each finding and propose these to the customer.
  • Implement the chosen remediation or compensating control for each finding.
  • Conduct a risk assessment for each finding that cannot be remediated and for which no compensating control exists.
  • Provide a report to the customer to detail any actions taken for each CIS Benchmark deviation.

Neovera’s team includes recognized individuals who have made outstanding contributions to the development of CIS Benchmarks, Benchmark Assessment Tools, and Metrics Definitions.

Arman Rawls is a contributing editor for the CISecurity Oracle Database Benchmarks. Andrew Stueve is a contributing editor for the CIS Red Hat Linux Benchmarks. As such, they assist with developing the benchmarks, making corrections to them, and approving and commenting on suggestions from other contributors. Mike Hertrick also contributed to the RAT[1] tool, and Dru Grote contributed to the CIS Cisco Router Assessment tool.

To learn more about our CIS administration services and expertise, contact us at:

(866) 636-8372