Quick Start Guide: Tailoring Benchmarks
Requirements
Forking and benchmark customization are only available for Secure Suite Members.
You are required to join the corresponding Benchmark Community to obtain access to Benchmark Customization. To join a community, go the the communities page, find the relevant community and select join:
Tailoring Benchmark list:
Implementation Steps
Sign into WorkBench
Go to the Benchmark tab and search for the specific benchmark you would like to tailor.
Select and then press the Fork option. (If the Fork button is greyed out, you must first join the Benchmark community. See picture example above)
Forking will duplicate the benchmark by taking a branch of the original benchmark.
You can rename the duplicate benchmark to something of your choosing.
The duplicate will be unique to your organization.
Once submit is pressed a duplicate is created with the company name in the title.
Only members of your organization can access this custom benchmark.
You will receive a confirmation when the duplication has been completed.
The left side of the duplicated benchmark panel will contain the policies of the benchmark. You can customize/tailor specific benchmarks by clicking edit.
Editing
Change value (left side)
The right side has the benchmark profiles. You can apply changes to specific profiles or all the profiles.
Explain why changes are made from the default CIS recommendations in the additional information section.
After editing you can export the benchmark:
Word file - shows all the details of your benchmark
Excel - shows all the details of your edited benchmark.
XXCDF + AE (.xml)
XCCDF+OVAL - copy and paste into the Benchmarks folder to run Assessor according to the customized benchmark
Troubleshooting Articles:
Links for additional information:
Copyright © 2022 Center for Internet Security® Privacy Policy