SIMP 6.4 has achieved CIS Certification for Linux platforms

Back to Listing

Hanover, MD, 24 September 2019


Onyx Point, Inc, announced today that its SIMP Product has been certified by CIS Benchmarks ™ to enforce the configuration status of Operating Systems against the consensus-based best practice standards contained within the following benchmarks:

  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 1 Server
  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 2 Server
  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 1 Workstation
  • CIS Benchmark for CIS CentOS Linux 7 Benchmark, v2.2.0, Level 2 Workstation
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 1 – Workstation Profile
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 2 – Workstation Profile
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 1 – Server Profile
  • CIS Benchmark for Oracle Linux 7 v2.1.0, Level 2 – Server Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 1 – Workstation Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 2 – Workstation Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 1 – Server Profile
  • CIS Benchmark for Red Hat Enterprise Linux v2.2.0, Level 2 – Server Profile

Organizations that leverage SIMP can now ensure that the configurations of their critical assets align with the CIS Benchmarks consensus-based practice standards.†

SIMP is a unified security and compliance product that contains enforcement, remediation, and reporting capabilities for Linux and Windows. SIMP can drive configuration management systems such as Puppet as well as report on your infrastructure via a web user interface.

This certification is issued by CIS ® (Center for Internet Security, Inc.) “Cybersecurity challenges are mounting daily, which makes the need for standard configurations imperative. By certifying its product with CIS, Onyx Point, Inc has demonstrated its commitment to actively solve the foundational problem of ensuring standard configurations are used throughout a given enterprise,” said Curtis Dukes, CIS Executive Vice President of Security Best Practices & Automation Group.

† When running the Enterprise or Lite editions, at least version 1.0.0 of the simp_cis_profiles module, enforcing the cis:el7:v2.2.0 SCE profile, and with the exceptions documented under the modules’s README.md

About CIS
CIS® (Center for Internet Security) is a forward-thinking, non-profit entity that harnesses the power of a global IT community to safeguard private and public organizations against cybersecurity threats. CIS Controls™ and CIS Benchmarks™ are the global standard and recognized best practices for securing IT systems and data against the most pervasive attacks. These proven guidelines are continuously refined and verified by a volunteer, global community of experienced IT professionals. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the go-to resource for cyber threat prevention, protection, response, and recovery for U.S. State, local, tribal, and territorial government entities. To learn more, visit CISecurity.org or follow CIS on Twitter: @CISecurity.

Lisa is a Security and Compliance Engineer with 12 years experience supporting the DoD as an Information Security Engineer specializing in Cloud Security. Lisa is a respected security engineer in high-security environments, and brings her expertise to the commercial market. Today, Lisa continues to increase her technical experience and knowledge, working as a Director and Security Engineer for Onyx Point Inc. In this role, she can be found contributing to policy mappings and policy review, incorporating agile and collaborative methodologies, advocating for DevSecOps workflow, and assisting clients in selecting and incorporating products in IT automation/security.

At Onyx Point, our engineers focus on Security, System Administration, Automation, Dataflow, and DevOps consulting for government and commercial clients. We offer professional services for Puppet, RedHat, SIMP, NiFi, GitLab, and the other solutions in place that keep your systems running securely and efficiently. We offer Open Source Software support and Engineering and Consulting services through GSA IT Schedule 70. As Open Source contributors and advocates, we encourage the use of FOSS products in Government as part of an overarching IT Efficiencies plan to reduce ongoing IT expenditures attributed to software licensing. Our support and contributions to Open Source, are just one of our many guiding principles

  • Customer First.
  • Security in All We Do.
  • Pursue Innovation with Integrity.
  • Communicate Openly and Respectfully.
  • Offer Your Talents, and Appreciate the Talents of Others

CIS, SecureSuite, CIS Benchmarks, CIS-CAT, PCI Compliance, FISMA, CIS Controls

Share this story

We work with these Technologies + Partners

puppet
gitlab
simp
beaker
redhat
AFCEA
GitHub
FOSSFeb