Subscribe to our blog

The Center for Internet Security (CIS) released the first version of the CIS Benchmark for Red Hat Enterprise Linux (RHEL) 9 on Nov 28, 2022, providing a set of 255 recommended security controls organized in two different levels for RHEL 9 servers and workstations.

CIS Benchmarks for RHEL are created in a collaborative and transparent way in the CIS community, where the active participation of Red Hat engineers contributes to high quality standards aligned to the best practices for RHEL while also bringing value to Fedora and other community Linux distributions. The Red Hat Security Compliance team quickly worked on this first released version of the CIS Benchmark for RHEL 9, ultimately providing Red Hat customers with automation capabilities to meet the CIS requirements.

The CIS Benchmark for RHEL 9 provides a comprehensive set of security controls and configuration recommendations to help protect RHEL 9 systems. The new profile based on this benchmark has been available to Red Hat customers in the scap-security-guide package since version 0.1.66. It allows organizations to automate the process of configuring and monitoring their RHEL 9 systems for compliance directly via OpenSCAP or through integrations in Anaconda, Image Builder, Insights and Satellite.

The most recent improvements in this new CIS profile, already available for RHEL 9 customers in scap-security-guide version 0.1.69, automates 99% of the benchmark requirements, including controls for network security, system hardening, logging and monitoring, and access control. By using the CIS profile for RHEL 9, Red Hat customers can check and more easily remediate their systems to achieve a high level of compliance with the CIS Benchmark,  allowing their organizations to reduce their attack surface and improve their overall security posture.

For already installed systems, the OpenSCAP scanner can be directly used with the CIS profile for RHEL 9 to automate the process of scanning RHEL 9 systems, generating reports, and remediating eventual compliance gaps. Alternatively, Red Hat customers can also use the profile via Red Hat Insights and Red Hat Satellite integrations or during the installation of RHEL systems.

The release of the CIS profile for RHEL 9 with 99% of the benchmark requirements automated is a significant milestone in the effort to improve the security posture of RHEL in alignment with CIS. Organizations can now use this profile to automate the process of configuring and monitoring their RHEL 9 systems for compliance with minimal manual effort, helping to reduce their risks of cyber threats.

Red Hat continues to support valuable resources in the CIS community and other benchmarks to improve compliance with regulatory and industry-specific requirements.

Read more about Red Hat Security


关于作者

Marcus Burghardt is a Senior Software Engineer on the Red Hat Enterprise Linux (RHEL) Security Compliance team. Marcus joined Red Hat in 2021. Since then, he has primarily focused on developing automated security content used by organizations to accelerate the adoption of security policies. He was previously a Red Hat Instructor and Examiner involved with different Red Hat technologies, but also has experience in Security Management, Cryptography, and Consulting.

Read full bio

按频道浏览

automation icon

自动化

涵盖技术、团队和环境的最新自动化平台

AI icon

人工智能

平台更新使客户可以在任何地方运行人工智能工作负载

cloud services icon

云服务

有关我们的托管云服务组合的更多信息

security icon

安全防护

有关我们如何跨环境和技术减少风险的最新信息

edge icon

边缘计算

简化边缘运维的平台更新

Infrastructure icon

基础架构

全球领先企业 Linux 平台的最新动态

application development icon

应用领域

我们针对最严峻的应用挑战的解决方案

Original series icon

原创节目

关于企业技术领域的创客和领导者们有趣的故事