blog post cover

Announcing: Resmo is now an Official CIS Product Vendor

As of the first quarter of 2023, Resmo has been recognized as an official Center for Internet Security (“CIS”) product vendor. In this update, Resmo will leverage industry-leading tools and resources and bring a deeper understanding of the cybersecurity environment.

Discover Resmo on the official CIS product vendor page.

For our users, what does this update mean?

  • A comprehensive set of cybersecurity resources will make it easier to implement critical security controls and CIS benchmarks effectively.
  • Tooling access will help automate technologies' configuration, assessment, and remediation. 
  • On-time and detailed updates will keep users updated on the newest developments.
  • With more than 100 configuration guides, tracking compliance with industry frameworks and enhancing cyber hygiene will be much easier.
  • Developing custom configuration policies will be possible.
  • By assessing endpoint configurations and compliance measurements, Resmo will also ensure its compliance with CIS recommendations. 

Resmo and CIS - What does Resmo offer?

Resmo allows CIS benchmark recommendations to be automated, and users can ensure compliance with these standards. In this regard, Resmo provides its users with the following:

  • Evaluation of their security posture under the CIS Security Guide.
  • Track all activities in real time, including changes in rule status, the reason for the change, and the time of the change.
  • Exportable HTML and PDF files with rule details, results, and suppressions that can be used as evidence of compliance.
  • Compliance score of their packs.
  • Packs compatible with resource groups allow them to see individual scores for each resource group.

It is also a great way to show customers how dedicated the company is to security by automating CIS benchmarks. 

CIS Benchmark Compliance Packs

cis benchmark compliance packs

GCP CIS 1.3.0 Level 1.2 Benchmark Pack

The Google Cloud Platform ("GCP") CIS pack covers essential security recommendations, while this managed pack from Resmo comprises a variety of IT system configurations. Among these controls are:

  • Identity and access management
  • Logging and monitoring 
  • Networking and more

By implementing GCP CIS benchmarks, organizations can take advantage of benefits such as cost-effectiveness, improved cybersecurity hygiene, and improved cyberattack protection.

Suggested reading: CIS Benchmarks for GCP

AWS CIS 1.5.0 Level 2 Benchmark Pack

In addition to AWS Well-Architected, Resmo also offers a CIS benchmark pack to provide its users with a complete set of pioneering security frameworks. In accordance with its name of "CIS AWS Foundations Benchmark", benchmarks are primarily built upon four foundations:

  1. Identity and Access Management
  2. Logging 
  3. Monitoring 
  4. Networking 

Suggested reading: Assess Security Best Practices for AWS

aws cis benchmark pack

Microsoft Azure CIS 1.5.0 Benchmark Pack

Resmo offers Microsoft Azure CIS Benchmark Pack, which covers controls regarding a wide range of fields, such as:

  • Identity and Access Management 
  • Storage Accounts
  • Key Vault
  • Networking
  • Virtual Machines and more

Bonus: GitHub CIS Software Supply Chain Compliance Pack 

As software supply chain attacks are an emerging threat, those who develop, assess, or secure software updates must have a secure working environment in place. To do so, the CIS Software Supply Chain Security Guide aims to provide guidance by pointing out five main categories:

  1. Source Code
  2. Build Pipeline
  3. Dependencies 
  4. Artifacts
  5. Deployment

Final Words

Always going the extra mile, Resmo will continue to provide its users with a higher level of service. Sign up for a free trial today to see your cybersecurity posture with Resmo’s key features, and stay up-to-date on updates!

Continue Reading