AVAILABLE 24x7
888.662.2724
AVAILABLE 24x7
(888) 66CARAH
Fast & Accurate
Request A Quote
Quick Response
Chat With Us
Center for Internet Security, Inc. (CIS) Solutions for the Public Sector
For more information on these products, please view the resources in the tab above.
-
CIS Hardened Images®
- Securely pre-configured virtual machine images hardened according to the globally recognized secure configuration guidelines of the CIS Benchmarks. They provide a secure, on-demand and scalable computing environment.
- More secure than a standard image, CIS Hardened Images reduce system vulnerabilities and offer security to help protect against malware, remote intrusion, insufficient authorization, and other cyber threats.
- Each CIS Hardened Image includes a report showing conformance to the applicable CIS Benchmarks, which are recognized as secure configuration standards by PCI DSS, HIPAA, FedRAMP, NIST, and DoD STIGs.
- Offered for nine different virtual machine versions of Linux: Amazon, CentOS, Debian, Oracle, Red Hat, SUSE, Ubuntu, NGINX, and PostgreSQL - as well as Microsoft Windows Server.
- Available to spin up immediately from Amazon Web Services (AWS Marketplace, AWS GovCloud (US) region, and AWS for the Intelligence Community [IC]), Microsoft Azure (Azure Marketplace and Azure Government Marketplace), Google Cloud Platform, and Oracle Cloud.
- Securely pre-configured virtual machine images hardened according to the globally recognized secure configuration guidelines of the CIS Benchmarks. They provide a secure, on-demand and scalable computing environment.
-
Albert Network Monitoring and Management
- Cost-effective Intrusion Detection System (IDS) providing automated alerting on both traditional and advanced network threats
- In-depth review of alerts conducted by expert analysts through CIS’s 24x7x365 Security Operations Center (SOC)
- Consolidated, actionable insights and monthly reporting from expert analysts with industry-leading response times - averaging 6 minutes from threat detection to notification
- Unique SLTT-focused and targeted signature set
- Turnkey solution incorporating 24x7x365 monitoring and management
- Available for both on-premises and cloud environments (AWS and Azure)
- Cost-effective Intrusion Detection System (IDS) providing automated alerting on both traditional and advanced network threats
-
CIS Endpoint Security Services (ESS)
- Fully managed, premium endpoint security solution as a service that includes:
- Next Generation Antivirus (NGAV)
- Endpoint Detection and Response (EDR)
- Asset and application inventory
- USB device monitoring
- User account monitoring
- Host-based firewall management
- Device-level protection and response powered by CrowdStrike with value-added support and service from CIS
- Deployed on endpoint devices to identify, detect, respond to, and remediate security incidents and alerts
- 24x7x365 monitoring and management by CIS Security Operations Center (SOC), providing expert human analysis of malicious activity and escalating actionable threats
- Incident response and remote digital forensics support provided by CIS Cyber Incident Response Team (CIRT)
- Fully managed, premium endpoint security solution as a service that includes:
-
Managed Security Services
- Cost-effective log and security event monitoring of devices for malicious or anomalous activity including, but not limited to, IDS/IPS, firewalls, switches and routers, servers, endpoints, and web proxies
- Event analysis performed by expert human analysts in the 24x7x365 CIS SOC using the largest cyber threat database specifically for SLTTs
- Analysts eliminate false positives, escalate actionable items to organizations, provide support regarding alerts or notifications received, and deliver comprehensive monthly activity reports
- Users gain visibility into security events, log data, and on-demand reporting through an online portal powered by Accenture
-
Penetration Testing
- Network and web application penetration testing utilizing both automated tools and manual techniques
- Identification and exploitation of vulnerabilities through a simulated real-world cyber-attack for risk assignment
- In-depth reporting on vulnerabilities, risk, impact, location, recommendations, and references to mitigate in your environment
- Network and web application penetration testing utilizing both automated tools and manual techniques
-
Vulnerability Assessments
- Both network and web application vulnerability assessments available.
- Cost-effective solution to proactively identify and remediate potential attack vectors
- Assessments include network or application discovery and mapping, asset prioritization, manual vulnerability verification, vulnerability assessment reporting, remediation tracking according to business risk, and remediation support
- Available as either single or regularly recurring (quarterly or monthly) assessments
- Both network and web application vulnerability assessments available.
-
Phishing Engagements
- Leverage technical and socio-psychological techniques to diagnose end user awareness
- Craft unique and customized phishing email content, links and attachments, landing pages, forms to capture user credentials, and personalized content for each target user
- Extensive report detailing assessment’s goals, theory, attack method, concluded results, statistics, campaign effectiveness and conclusions, and recommendations
- Leverage technical and socio-psychological techniques to diagnose end user awareness
-
CIS SecureSuite
- Trusted by more than 2,500 organizations worldwide, CIS SecureSuite® Membership provides integrated cybersecurity resources to help businesses, nonprofits, government entities, and IT experts start secure and stay secure.
- CIS SecureSuite® Members benefit from advanced tools and resources that help speed the adoption of security best practices from policy to implementation, including:
- Full-format CIS Benchmarks: access multiple file formats of our more than 100 consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more across 25+ vendor product families
- CIS-CAT Pro: automatically assess your system configuration against the CIS Benchmark recommendations and measure compliance over time
- CIS Build Kits: quickly and easily remediate at scale and implement security recommendations across your environment with our automated scripts and templates
- CIS CSAT Pro: conduct, track, and assess your implementation of the CIS Controls, our community-developed cybersecurity best practices
- CIS WorkBench: collaborate with our global community of IT professionals, tailor benchmark recommendations to fit your organizational policies, and easily access membership resources and content
- CIS Benchmarks™
- Consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more. The CIS Benchmarks include more than 100 configuration guidelines across 25+ vendor product families.
- Recognized as secure configuration best practices that can help organizations meet compliance for PCI DSS, DoD STIGs, FISMA, FedRAMP, and others.
- Consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more. The CIS Benchmarks include more than 100 configuration guidelines across 25+ vendor product families.
- CIS Critical Security Controls® (CIS Controls)
- Prescriptive, prioritized, and simplified set of critical security controls and cybersecurity best practices developed by a community of cybersecurity experts that can help support compliance in a multi-framework era.
- Provide specific guidance and a clear pathway for organizations to achieve the goals and objectives described by multiple legal, regulatory, and policy frameworks, including NIST, PCI DSS, CMMC, and HIPAA.
- Prescriptive, prioritized, and simplified set of critical security controls and cybersecurity best practices developed by a community of cybersecurity experts that can help support compliance in a multi-framework era.
- CIS Benchmarks™
- Full-format CIS Benchmarks: access multiple file formats of our more than 100 consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more across 25+ vendor product families
- Trusted by more than 2,500 organizations worldwide, CIS SecureSuite® Membership provides integrated cybersecurity resources to help businesses, nonprofits, government entities, and IT experts start secure and stay secure.
-
Malicious Domain Blocking and Reporting Plus (MDBR+)
- MDBR+ is a quick-to-configure and easy-to-deploy cloud-based protective domain name system (PDNS) service that's available to U.S. State, Local, Tribal and Territorial (SLTT) government organizations and private hospitals.
- Cloud-based Management Portal: Offers security teams full access to a cloud-based management portal, enabling management and custom configuration from any location at any time.
- Enhanced Reporting and Visibility: Gives you instant access to real-time reports on blocked activity for every user on your network, allowing for more informed security decisions.
- Custom Configurations: Puts your organization in the driver's seat of your own web security with the ability to create AUPs, allow/deny lists, and error pages tailored to your unique security needs.
- Off-network Protection: Even your off-network devices can be protected with the secure PDNS service through an easy-to-deploy lightweight client that can be installed on your organization's devices to protect laptops or mobile devices wherever they connect to the internet.