End of Life (EOL) for CIS-CAT Pro Assessor v3

Product Name

CIS-CAT Pro Assessor v3

Product Version



Nov 18, 2021

Version 3.0.76 will be the final release of CIS-CAT Pro Assessor v3.

Version 3.0.76 will be available for limited use through November 2022.


The requirement for v3.0.76 is JRE 8 or 11 as of this publication.

Limited Use Cases for CIS-CAT Pro Assessor v3

  • Utilize version 3.0.76 as previous versions have vulnerabilities in third party dependent libraries. See our informational article for more information: https://cisecurity.atlassian.net/wiki/spaces/SCFKB/pages/2371190918

  • Utilize standard and stable versions of Java Runtime Environment/Java Development Kit (JRE/JDK) or openJDK as defined in the User Guide.

  • Migrate vulnerability assessment processes to Assessor v4 as CVE information will no longer be updated in monthly releases

  • Perform configuration assessments for CIS Benchmarks officially supported with v3.0.76 and listed in the User Guide in the “Supported Benchmarks” section

    • Future and past CIS Benchmark assessment content may work, but is not guaranteed as no further testing will be performed by CIS for this version.

  • Perform configuration assessments using the CIS-CAT Pro Assessor v3 dissolvable bundle (now includes JRE 8 ) or develop custom workflows with Assessor v4 to utilize a shared JRE/JDK

  • Produce configuration assessment reports, when required to utilize an official SCAP validated tool


The Center for Internet Security’s Support Team will assist Members with questions regarding the availability of CIS-CAT Pro Assessor v3.0.76, but will no longer offer support on the function of the tool.

Keywords; EOL v3 3.0.76

Content by Label

Copyright © 2020

Center for Internet Security®