CIS Benchmark Features

Introduction

This topic describes the features found on the CIS Benchmark page.


Functionality Overview

Each of the CIS Benchmark’s controls is mapped out and titled so you can get easily drill down and get more information. CloudCheckr uses its Best Practice Checks as a source of data for each of the controls. When you drill down into a control, you will see which Best Practice Check informs the CIS Benchmark control, as well as its status (Correctly or Not Correctly Set), comments, and scoring. You are also given the option to view all of your controls and their details by exporting the entire report to PDF or CSV.


Features

The table describes each of the features displayed in the screenshot.

 

Feature Example Description
Level 1 and Level 2 tabs Level 1 and Level 2 are security configuration profiles.

Level 1 includes controls that are practical, provide a clear security benefit, and do not limit the technology beyond acceptable means.

Level 2 includes controls that are intended for environments where security is paramount, acts as defense in-depth measure, and may inhibit the performance of the technology.

Category Each control is grouped under one of the following categories: Identity and Access Management, Logging, Monitoring, and Networking.
Control Name and description of a control in the AWS CIS Foundation report.
Plus icon Click to show the details about the selected control.
Minus icon Click to hide the details about the selected control.
Best Practice Check The name of the Best Practice Check associated with the selected control. The color and icon of the check indicates if it is passing or failing for your deployment.

Clicking the name of the check takes you to the location and details in the Best Practice report.

Remediation Comment

Text field where you can insert a message about remediation.
Submit button Click Submit to add the remediation comment.
Scoring   Indicates if compliance with a given recommendation impacts a benchmark score.
Set Correctly   Indicates if the the control is configured correctly for the selected deployment.
Slider   Controls with a Slider need the User to manually choose Yes or No to indicate if the condition is met (i.e. a manual attestation).