CIS Benchmark is open for Consensus Review

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Greg Wallace <greg_at_freebsdfoundation.org>
Date: Mon, 29 Jul 2024 18:20:51 UTC
Hi Enterprise WG,

The FreeBSD Foundation is pleased to announce the release of the draft CIS
FreeBSD 14 Benchmark for community consensus review.


The draft document can be found here:
https://workbench.cisecurity.org/benchmarks/15908/files



The consensus review period is scheduled to close on Monday August 12, 2024.



We would like to thank the FreeBSD Community for all of the work that went
into this draft document. Special thanks to Benchmark writer Moin Rahman,
reviewers Carole Fennelly and Jason Kafer, Program Manager Joe Mingrone,
Justin Brown and Eric Pinnell at CIS, to Verisign
<https://www.verisign.com/> for underwriting some of the cost of creating
the CIS FreeBSD 14 Benchmark and to all the generous donors
<https://freebsdfoundation.org/our-donors/donors/> to the FreeBSD
Foundation for underwriting the remaining cost. THANK YOU!
FAQ

What is the Center for Internet Security (CIS) and CIS Benchmarks?


CIS® <https://www.cisecurity.org/> is a community-driven nonprofit
responsible for the CIS Controls® and CIS Benchmarks™, globally recognized
best practices for securing IT systems and data.


The CIS Benchmarks are prescriptive configuration recommendations for more
than 25+ product families. They represent the consensus-based effort of
cybersecurity experts globally to help protect systems against threats more
confidently.


How does CIS consensus work?



CIS Benchmarks are created using a consensus review process comprised of a
global community of subject matter experts. The process combines real world
experience with data-based information to create technology-specific
guidance to assist users to secure their environments. Consensus
participants provide perspective from a diverse set of backgrounds
including consulting, software development, audit and compliance, security
research, operations, government, and legal.



What happens after the review?


Once the consensus review is complete and any change requests have been
addressed, the CIS FreeBSD 14 Benchmark will be published on the CIS site
in the OPERATING SYSTEMS category at this link:
https://www.cisecurity.org/cis-benchmarks:



All CIS Benchmarks are free to download as PDFs.


Initially, the CIS FreeBSD 14 Benchmark will only be available as a PDF.
The FreeBSD Foundation is working with CIS to scope the work needed to
enable FreeBSD in CIS Controls and other automated tooling.

Best,

-- 
Greg Wallace
Director of Partnerships & Research
M +1 919-247-3165
Schedule a meeting <https://calendly.com/greg-freebsdfound/30min>
Get your FreeBSD Gear <https://freebsd-foundation.myshopify.com/>