Quick Start Guide: Tailoring Benchmarks

Requirements

  • Forking and benchmark customization are only available for Secure Suite Members.

  • You are required to join the corresponding Benchmark Community to obtain access to Benchmark Customization. To join a community, go the the communities page, find the relevant community and select join:

image-20240916-194932.png

Ā 

Implementation Steps

  1. Sign into WorkBench

  2. Go to the Benchmark tab and search for the specific benchmark you would like to tailor.

  3. Select and then press the Fork option. (If the Fork button is greyed out, you must first join the Benchmark community. See picture example above)

  4. Forking will duplicate the benchmark by taking a branch of the original benchmark.

    1. You can rename the duplicate benchmark to something of your choosing.

    2. The duplicate will be unique to your organization.

  5. Once submit is pressed a duplicate is created with the company name in the title.

    1. Only members of your organization can access this custom benchmark.

  6. You will receive a confirmation when the duplication has been completed.

  7. The left side of the duplicated benchmark panel will contain the policies of the benchmark. You can customize/tailor specific benchmarks by clicking edit.

  8. Editing

    1. Change value (left side)

    2. The right side has the benchmark profiles. You can apply changes to specific profiles or all the profiles.

    3. Explain why changes are made from the default CIS recommendations in the additional information section.

  9. After editing you can export the benchmark:

    1. Word file - shows all the details of your benchmark

    2. Excel - shows all the details of your edited benchmark.

    3. XXCDF + AE (.xml)

    4. XCCDF+OVAL - copy and paste into the Benchmarks folder to run Assessor according to the customized benchmark

Troubleshooting Articles:

Ā 

Ā 

Ā 


Ā 

Copyright Ā© 2022 Center for Internet SecurityĀ® Privacy Policy

Ā 


Ā