New CIS Cisco IOS 17 Benchmark v1.0.0 Audit Files Summary...
New CIS Cisco IOS 17 Benchmark v1.0.0 Audit Files Summary Customers can now measure compliance against the latest release of the Cisco IOS 17 Benchmark v1.0.0 from CIS with the new Cisco IOS 17 Benchmark v1.0.0 audits. These audits have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Tenable Audit Files Cisco IOS 17 Benchmark v1.0.0 - Level 1 Cisco IOS 17 Benchmark v1.0.0 - Level 2 Target Release Date The audits can be download from the Tenable Audits Portal on July 18, 2022CIS Windows 10 Audit Files Deprecation Summary We recently...
CIS Windows 10 Audit Files Deprecation Summary We recently discovered that our CIS Windows 10 audits were being misrepresented based on CIS guidance. CIS recommends that every new release of the Windows 10 Benchmark replaces the previous Windows 10 Benchmark. Our customers should be using the latest CIS Windows 10 version regardless of the Windows 10 release. With that understanding, we are deprecating our previous CIS Windows 10 audit versions. The most current version will remain active (Currently version 1.12.0). The CIS Windows 10 v1.12.0 Tenable audits can be download from Tenable Audits Portal. For more information regarding the CIS Windows 10 nomenclature please review the CIS guidance found here - https://workbench.cisecurity.org/community/2/discussions/8127. Deprecated Tenable Audit Files CIS Windows 10 v1.10.1 audits CIS Windows 10 v1.10.0 audits CIS Windows 10 v1.9.1 audits CIS Windows 10 v1.9.0 audits CIS Windows 10 v1.8.1 audits CIS Windows 10 v1.8.0 audits CIS Windows 10 v1.7.1 audits CIS Windows 10 v1.7.0 audits CIS Windows 10 v1.6.1 audits CIS Windows 10 v1.6.0 audits CIS Windows 10 v1.7.1 audits CIS Windows 10 v1.7.0 audits CIS Windows 10 v1.6.1 audits CIS Windows 10 v1.6.0 audits CIS Windows 10 v1.5.0 audits CIS Windows 10 v1.4.0 audits CIS Windows 10 v1.3.0 audits CIS Windows 10 v1.2.0 audits CIS Windows 10 v1.1.1 audits CIS Windows 10 v1.1.0 audits CIS Windows 10 v1.0.0 audits Target Deprecation Date August 1, 2022New RedHat OpenShift Container Platform Plugin and Audit...
New RedHat OpenShift Container Platform Plugin and Audit files Summary Customers can now measure compliance against RedHat OpenShift Container Platform with new plugin ID 161406 on Tenable.io and Nessus. This plugin will be published with a new credential type: OpenShift Container Platform. This plugin retrieves target data using the RedHat OpenShift Container Platform API and will evaluate actual values against a given audit policy. All data retrieval and communication is via the RedHat OpenShift Container Platform API. Additional Notes Two CIS audits will be released along with the plugin: CIS RedHat OpenShift Container Platform 4 v1.2.0 Level 1 CIS RedHat OpenShift Container Platform 4 v1.2.0 Level 2 Example audit structure <check_type: "OpenShift"> <custom_item> type : REST_API description : "Minimize the admission of containers with allowPrivilegeEscalation" request : "getSecurityContextConstraints" json_transform : ".items[] | .spec.clusterID as $clusterID | .items[] | \"Cluster ID: \($clusterID), Name: \(.metadata.name), UID: \(.metadata.uid), Allow Privilege Escalation: \(.allowPrivilegeEscalation)\"" expect : "Allow Privilege Escalation: false" </custom_item> </check_type> The 'request' tag references specific API endpoints for data retrieval. The 'json_transform' tag selects specific parts of returned data. Regex and expect tags will further filter and evaluate the data for a passing or failing result. Target Release Date January 27, 2023New CIS Azure Kubernetes Service (AKS) Benchmark v1.1.0...
New CIS Azure Kubernetes Service (AKS) Benchmark v1.1.0 policies for Tenable.cs Summary Tenable.cs customers can now measure compliance against the CIS Azure Kubernetes Service (AKS) Benchmark v1.1.0 benchmark. These policies have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Tenable.cs supported profiles CIS Azure Kubernetes Service (AKS) Benchmark v1.1.0, Level 1 CIS Azure Kubernetes Service (AKS) Benchmark v1.1.0, Level 2 Target Release Date ImmediateResearch Highlight - New CIS Bottlerocket v1.0.0 Audit...
Research Highlight - New CIS Bottlerocket v1.0.0 Audit Files Summary Customers can now measure compliance against the latest release of Amazon Bottlerocket OS from CIS with the new Bottlerocket v1.0.0 audits. These audits cover both the CIS L1 and L2 guidance for Bottlerocket OS and include checks for host system filesystem configuration, access control, kernel network parameters, firewall rules, system logging, and more. They have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Tenable Audit Files CIS_Bottlerocket_v1.0.0_L1.audit CIS_Bottlerocket_v1.0.0_L2.audit Target Release Date The audits can be downloaded from the Tenable Audits Portal on February 29th, 2024. Date of Release ImmediateNew CIS Microsoft Windows Server 2022 v1.0.0 Audit Files...
New CIS Microsoft Windows Server 2022 v1.0.0 Audit Files Summary Customers can now measure compliance against the latest release of the Microsoft Windows Server 2022 Benchmark from CIS with the new CIS Microsoft Windows Server 2022 v1.0.0 audits. These audits have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Tenable Audit Files CIS Microsoft Windows Server 2022 v1.0.0 - Level 1 Domain Controller CIS Microsoft Windows Server 2022 v1.0.0 - Level 2 Domain Controller CIS Microsoft Windows Server 2022 v1.0.0 - Level 1 Member Server CIS Microsoft Windows Server 2022 v1.0.0 - Level 2 Member Server CIS Microsoft Windows Server 2022 v1.0.0 - Next Generation Windows Security - Domain Controller CIS Microsoft Windows Server 2022 v1.0.0 - Next Generation Windows Security - Member Server Target Release Date ImmediateNew CIS Palo Alto Firewall 10 v1.0.0 Audit Files Summary...
New CIS Palo Alto Firewall 10 v1.0.0 Audit Files Summary Customers can now measure compliance against the latest release of the Palo Alto Firewall 10 v1.0.0 from CIS with the new CIS Palo Alto Firewall 10 v1.0.0 audits. These audits have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Tenable Audit Files CIS Palo Alto Firewall 10 v1.0.0 - Level 1 CIS Palo Alto Firewall 10 v1.0.0 - Level 2 Target Release Date The audits can be download from the Tenable Audits Portal on July 18, 2022
New CIS Oracle Database 19c Benchmarks v1.0.0 Summary...
New CIS Oracle Database 19c Benchmarks v1.0.0 Summary Customers can now measure compliance against Oracle 19c databases with the new CIS Oracle Database 19c audits. These audits have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable/. Tenable Benchmarks CIS Oracle Database 19c Unified Auditing L1 v1.0.0 CIS Oracle Database 19c Traditional Auditing L1 v1.0.0 CIS Oracle Database 19c Linux Host L1 v1.0.0 CIS Oracle Database 19c Windows Host L1 v1.0.0 Target Release Date 22 Oct 2020 Additional Notes: These audits are very similar to the CIS Oracle 12c benchmark. Notable changes include: SQL query changes in the Unified Auditing profile for checks 6.2.1 through 6.2.27, and the removal and renumbering of a few controls in Traditional and Unified auditing profiles. ------------------------------------------------------------------------------------------------ Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.New CIS Microsoft Azure Foundations Benchmark v1.5.0 for...
New CIS Microsoft Azure Foundations Benchmark v1.5.0 for Tenable.cs Summary Customers can now measure compliance against the latest release of the CIS Microsoft Azure Foundations Benchmark v1.5.0 in Tenable.cs. These policies have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Supported CIS Profiles CIS Microsoft Azure Foundations Benchmark v1.5.0 - Level 1 CIS Microsoft Azure Foundations Benchmark v1.5.0 - Level 2 Target Release Date ImmediateNew CIS Microsoft SQL Server 2019 Benchmark v1.0.0 Summary...
New CIS Microsoft SQL Server 2019 Benchmark v1.0.0 Summary Customers can now measure compliance against the latest major version of Microsoft SQL Server with the new CIS Microsoft SQL Server 2019 audits. These audits have been certified through CIS and can be viewed along with Tenable's other certified products at https://www.cisecurity.org/partner/tenable. Tenable Benchmarks CIS Microsoft SQL Server 2019 Database Engine L1 v1.0.0 CIS Microsoft SQL Server 2019 AWS RDS L1 v1.0.0 Target Release Date 9 Mar 2020 Additional Notes: This audit includes a profile for Level 1 - Database Engine along with Level 1 - Workstation AWS RDS. __________________________________ Tenable Research Release Highlights are posted in advance of significant new releases or updates to existing plugins or audit files that are important for early customer notification.