Onyx Point, LLC, announced
today that its SIMP Product has been certified by CIS Benchmarks ™
to enforce the configuration status of Operating Systems against the consensus-based best practice standards contained within the following benchmarks:
- CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 1 Server
- CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 2 Server
- CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 1 Workstation
- CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 2 Workstation
- CIS Benchmark for Oracle Linux 7 v2.1.0, Level 1 – Workstation Profile
- CIS Benchmark for Oracle Linux 7 v2.1.0, Level 2 – Workstation Profile
- CIS Benchmark for Oracle Linux 7 v2.1.0, Level 1 – Server Profile
- CIS Benchmark for Oracle Linux 7 v2.1.0, Level 2 – Server Profile
- CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 1 – Workstation Profile
- CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 2 – Workstation Profile
- CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 1 – Server Profile
- CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 2 – Server Profile
Organizations that leverage SIMP can now ensure that the configurations of their critical
assets align with the CIS Benchmarks consensus-based practice
SIMP is a unified security and compliance product that contains enforcement, remediation, and reporting capabilities for Linux and Windows. SIMP can drive configuration management systems such as Puppet as well as report on your infrastructure via a web user interface.
This certification is issued by CIS ® (Center for Internet Security, Inc.)
“Cybersecurity challenges are mounting daily, which makes the need for
standard configurations imperative. By certifying its product with CIS,
Onyx Point, LLC has demonstrated its commitment to actively solve the
foundational problem of ensuring standard configurations are used
throughout a given enterprise,” said Curtis Dukes, CIS Executive Vice
President of Security Best Practices & Automation Group.
† When running the Enterprise or Lite editions, at least version 1.0.0 of the simp_cis_profiles module, enforcing the
cis:el7:v2.2.0 SCE profile, and with the exceptions documented under the modules’s README.md
CIS® (Center for Internet Security) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cybersecurity threats. CIS Controls™ and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, local, tribal, and territorial government entities. To learn more, visit CISecurity.org or follow CIS on Twitter: @CISecurity.
Lisa is a Security and Compliance Engineer with 12 years
experience supporting the DoD as an Information Security
Engineer specializing in Cloud Security. Lisa is a respected
security engineer in high-security environments, and brings her
expertise to the commercial market. Today, Lisa continues to
increase her technical experience and knowledge, working as a
Director and Security Engineer for Onyx Point Inc. In this
role, she can be found contributing to policy mappings and
policy review, incorporating agile and collaborative
methodologies, advocating for DevSecOps workflow, and assisting
clients in selecting and incorporating products in IT
At Onyx Point, our engineers focus on Security, System
Administration, Automation, Dataflow, and DevOps consulting for
government and commercial clients. We offer professional
services for Puppet, RedHat, SIMP, NiFi, GitLab, and the other
solutions in place that keep your systems running securely and
efficiently. We offer Open Source Software support and
Engineering and Consulting services through GSA IT Schedule 70.
As Open Source contributors and advocates, we encourage the use
of FOSS products in Government as part of an overarching IT
Efficiencies plan to reduce ongoing IT expenditures attributed
to software licensing. Our support and contributions to Open
Source, are just one of our many guiding principles
- Customer First.
- Security in All We Do.
- Pursue Innovation with Integrity.
- Communicate Openly and Respectfully.
- Offer Your Talents, and Appreciate the Talents of Others
Share this story