CIS Compliance Tool

Experience centralised CIS Compliance for audit logs and other types of telemetry


Why You Should Comply With CIS

In the past few years, there have been numerous examples of how poorly configured systems have paved the way for hackers. These examples have also led to regulatory bodies imposing hefty fines for improper conduct.

Fortunately, there are prescriptive guidelines, provided by the Center for Internet Security (CIS), for establishing a secure baseline configuration for assets to prevent poorly implemented configurations. CIS Benchmarks are the only independent, consensus-based, and industry-accepted guidelines for configuration best practices that have been developed by a global community of cybersecurity professionals and academics from all walks of life and are accepted by governments, businesses, industries, and the wider academic community.

If you want to manually assess all your endpoints, network devices and operating systems within a highly distributed system architecture, it is worth knowing that these benchmarks run about 800 pages on average and make over 300 recommendations within them. With all of these guidelines to comply with, a solution that can meet at least ten of these controls can save your engineers many hours of manually centralising data.

As a result, the Logit.io platform has become an essential tool in the vulnerability management process for centralising logs, events and traces. Monitor your endpoints for any CIS control violations and take corrective action in real time by leveraging the Logit.io CIS compliance solution. With Logit.io's extensive CIS compliance features, the platform can be used to meet various critical controls including 8.1, 8.2, 8.3, 8.5, 8.6, 8.7, 8.8, 8.9, 8.10, 8.11 and 8.12.


What Are CIS Benchmarks?

The Center for Internet Security (CIS) Benchmarks are a set of globally recognized and consensus-driven best practices that provide guidance and assistance to security practitioners in the implementation, management, and enhancement of their cybersecurity defences.

These CIS benchmarks were developed with help from a global community of security experts in order to help organisations take proactive measures to safeguard themselves against emerging threats. It's important that companies use the CIS benchmark guidelines in order to limit configuration-based security vulnerabilities in their digital assets.

Centralising Audit Logs

It is generally accepted that there are two types of logs that are treated and configured independently: system logs and audit logs. Typically, system log files provide information on a system-level basis, such as when the system processes started or stopped, and when crashes occurred. This type of logging is native to the system, so it requires less configuration in order to be turned on. Typically, audit logs cover events that occur at the user level, events such as a user logging in or accessing a file. These require a greater amount of planning and effort before they can be set up for analysis.

Having a record of all log entries is crucial for responding to incidents when they occur. Immediately after an attack has been detected, enterprises may be able to gain a better understanding of the extent of the attack by analysing log files. When you maintain detailed log records, you will also be able to identify when and how the attack occurred, what information was accessed, and if any data was exfiltrated, for example. Furthermore, retaining log files is crucial in the case that a follow-up investigation is required or in the case that a long period of time elapsed before an attack was detected.


Companies Feel The Difference When They Use Logit.io

"Internally, Logit.io has made it easier for us to provide better support for our customers, since finding individual messages based on various data in the payload has become easier.

At Youredi, pretty much everyone from our technical support teams through to our professional services teams uses Logit.io."

Mats von Weissenberg, CTO @ Youredi


Logit.io CIS Audit Log Solution

With Logit.io's extensive CIS compliance features, the platform can be used to meet various critical controls including 8.1, 8.2, 8.3, 8.5, 8.6, 8.7, 8.8, 8.9, 8.10, 8.11 and 8.12.

As a means of achieving compliance by implementing CIS Benchmarks, Logit.io can be configured to generate compliance dashboards which are direct derivatives of the official benchmarks themselves. These are required to audit your systems' configurations successfully and to ensure that a system is configured in a manner that meets the security standards recommended in CIS benchmarks.

It is essential for enterprises to collect and analyse logs in order to be able to detect malicious activities in a timely manner. Audit log records are sometimes the only proof that a breach has occurred. It is well known by attackers that while enterprises store audit logs in order to comply with regulations, they rarely analyse them for compliance purposes. As a result of poor or ineffective log analysis processes, attackers are sometimes able to sustain control over machines remotely for many months without anyone within the enterprise knowing about the infiltration.

Avoid The Need For Expensive SIEM

In previous versions of the CIS benchmarks, it was recommended to deploy a SIEM tool to centrally manage audit logs. This advice has since been removed because organisations may be able to meet CIS controls by using a centralised log management service instead.

According to the most recent guidelines, CIS practitioners are now taking steps to not be too prescriptive regarding which tools should be used to ensure compliance. You can avoid using a SIEM solution that might be more complex than what is needed to meet CIS benchmarks by regularly reviewing your logs.

If long retention periods are required, it may very well be cheaper to use cold cloud storage (such as Amazon S3). Logit.io offers users the option to store audit logs for long-term retention within hosted S3 deployments as part of its solution.

Logit.io provides an affordable solution to meet many of the CIS controls because it offers robust data storage, alerting, and support for using a variety of query expression languages. When these basics are all covered, this alone will meet many guidelines for running a CIS compliant system.


Security and Compliance

Because Logit.io puts the security and privacy of your operational data at the top of its priority list in all of its systems, you'll be glad to know that we are ISO certified and audited by UKAS. We also comply with GDPR, HIPAA and SOC2, and are PCI DSS compliant.

Demonstrate CIS Compliance With The Following Controls:

  • 8.1: Establish and Maintain an Audit Log Management Process
  • 8.2: Collect Audit Logs
  • 8.3: Ensure Adequate Audit Log Storage
  • 8.5: Collect Detailed Audit Logs
  • 8.6: Collect DNS Query Audit Logs
  • 8.7: Collect URL Request Audit Logs
  • 8.8: Collect Command-Line Audit Logs
  • 8.9: Centralize Audit Logs
  • 8.10: Retain Audit Logs
  • 8.11: Conduct Audit Log Reviews
  • 8.12: Collect Service Provider Logs

    © 2023 Logit.io Ltd, All rights reserved.