AutomateCIS

A world-class CIS automation platform for audits on CIS benchmarks & remediation

Safeguarding IT systems against cyber threats takes a lot of time & requires many meetings between IT & Security to debate on configuration settings. Centre for Internet Security (CIS) has developed CIS Benchmarks for operating systems and cloud platforms. But applying them to individual systems and auditing their current state is difficult and not practical.

AutomateCIS is a world-class cybersecurity compliance platform. It remediates security settings of servers and ensures compliance with industry agreed cyber security standards. It is the world’s first scalable platform for CIS benchmarking and audit.

Worlds FIRST scalable platform for
CIS benchmarking & audit

Why AutomateCIS

CIS is the industry standard and widely adopted security benchmarks for OS and other applications. A CIS hardened system is less prone to security issues, keeps systems safe from external attacks.

AutomateCIS helps organizations to automate their OS / Application hardening journey easy and hassle free. It is a platform focussed primarily on OS / Application hardening and always updates the latest security checks. It also allows to roll back the remediation, in case issues on the application arise.

Saves 40% of operational costs for OS hardening & security

Reduces 10% of man-hours to fix OS related security issues

Latest updates to OS hardening rules are always applied to the systems

Technology Stack

Operating Systems Supported

  • Red Hat Enterprise Linux 6, 7, 8
  • Oracle Linux 6, 7, 8
  • Microsoft Windows Server 2022, 2019, 2016,, 2012 R2, 2012 NonR2, 2008 R2, 2008 NonR2, Desktop 10,11
  • Amazon Linux 1, 2
  • Ubuntu Linux 20.04, 18.04, 16.04,14.04

Applications Supported

  • Websphere
  • Docker & Docker Swarn
  • Nginx on Ubuntu & CentOS
  • Apache Tomcat 7, 8, 9
  • Ubuntu Linux 20.04, 18.04, 16.04,14.04

Databases Supported

  • PostgreSQL
  • MSSQL
  • MySQL
  • Oracle DB

Customer Project

The worlds largest brewery was looking to increase their security posture related to servers and applications running on them. They had 10000+ servers running across multiple regions with different operating systems, with Puppet as their automation and configuration management system.

Solution

For all the checks which were failing in compliance, the CIS benchmarks were written in Puppet to validate and remediate. Introduced CIS benchmarks and in turn enabled our client to secure their servers and applications via a preventive model.

Installation

The solution checks the servers every 30 minutes, automatically for non-compliance. This was implemented using puppet in their data-centre in Bangalore, India.