Updating Tailored Benchmark Best Practice
- Nick Romanzo
- Allan Cornwell
Product Name
CIS WorkBench
Product Version
N/A
Date
Jan 13, 2025
Problem
What is the best practice to update my organizations tailored Benchmarks? Is there a way to pull new changes from the most recent benchmarks into the ones I have already modified?
Solution
Users should duplicate their tailored benchmark to preserve any Customizations prior to running the pull-changes. The Pull action will make proposed changes for anything that is different between the Tailored Benchmark and the new CIS Benchmark release. The user will need to accept those changes after it completes. The changes might add/remove custom Profiles on individual Recommendations.
Example of what Pull Changes will look like on a Tailored Benchmark:
If you are merging changes from a v1 Benchmark to a v2 publication, there may be a significant number of structural changes between the two releases that render an automatic Pull prone to issues (as the system does not evaluate whether such a merge is feasible). For major releases (ex v1 → v2), we generally recommend Forking the new baseline v2 Benchmark and applying any tailored Recommendation changes & desired custom Profiles on top of it. When a new minor revision is released (such as v2.0.0 → v2.0.1), these can then safely be pulled via the automatic change processing system, as the overall Benchmark structure remains the same for these types of updates.
Keywords; Tailored Benchmark Pull Changes
Content by Label