CIS Benchmarks Audit is a standalone Python 3 script that evaluates system configurations against published CIS (Center for Internet Security) Hardening Benchmarks. The tool operates without requiring installation or external dependencies, making it portable and easy to deploy across different environments. The script performs automated checks to assess system compliance with CIS security standards and provides indicators of preparedness for meeting official compliance requirements. Users can customize the audit process through various command-line arguments that control test selection and output formatting options. The tool can be quickly deployed by downloading the script directly from the repository and executing it with appropriate permissions. It supports multiple output formats and allows users to tailor the assessment scope based on their specific compliance needs.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Continually audit your AWS usage to simplify risk and compliance assessment.
ServiceNow Governance, Risk, and Compliance (GRC) is an integrated suite of products that enables organizations to build operational resilience, mitigate risks, and ensure compliance across the enterprise through a unified platform, data model, AI-powered insights, and automated workflows.
A tool for achieving and proving compliance with NIST 800-171 and CMMC cybersecurity requirements
A GaaS platform that simplifies and streamlines compliance processes for MSPs, ensuring their policies are properly aligned, authorized, adopted, and assessed.
ISO2HANDLE is a powerful software that provides a total solution for Q&R professionals, trusted by over 50,000 users and 750+ organizations worldwide.
A Microsoft Word template library for implementing industrial information security management systems with documentation for policy, risk management, business continuity, and incident handling.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.