Uptycs Blog | Cloud Security Insights for Linux and Containers

Uptycs CIS SecureSuite Certification: K8s, Linux, Windows & AWS

Written by Laura Kenner | 1/5/24 1:00 PM

Uptycs is thrilled to announce its recognition as a certified CIS SecureSuite vendor, with new benchmarks for Kubernetes and various platforms, including Linux, Windows, AWS, and Cloud. This certification is a testament to our unwavering commitment to ensuring optimal security across diverse digital landscapes.

 

We are dedicated to not just maintaining, but continually enhancing our alignment with the CIS benchmark standards and versions. This is a living process, one that involves regular updates and an agile approach to adapting our solutions to support the latest compliance requirements and security best practices. 

Understanding the significance of CIS vendor certification

Being certified by the Center for Internet Security (CIS) signifies a robust alignment with high-level compliance benchmarks, embodying trust and excellence in cybersecurity. This global recognition underscores our adherence to stringent security protocols, ensuring our offerings are poised to tackle today's cybersecurity challenges effectively.

 

Uptycs CIS SecureSuite vendor certification coverage

Uptycs has received CIS Security Software Certification for a comprehensive range of CIS Security Benchmarks, highlighting its commitment to maintaining robust security standards. The certifications cover various environments and platforms, ensuring a broad spectrum of protection:
Amazon Web Services (AWS) Foundations: Both foundational levels of AWS are covered, ensuring cloud infrastructure security.


Kubernetes Benchmark: Complete coverage for Kubernetes environments includes both worker and master nodes across two levels, providing comprehensive security in container orchestration.


Microsoft Windows Server 2022: Extensive coverage for Windows Server 2022 includes benchmarks for domain controllers, member servers, and advanced next-generation Windows security, encompassing both primary levels.


Microsoft Windows 10 Enterprise: Security measures are in place for enterprise-level Windows 10 systems, ensuring a robust defense for this widely-used operating system.


CentOS Linux: The CentOS Linux server benchmark is included, catering to the security needs of this popular server operating system.


Ubuntu Linux: Multiple versions of Ubuntu Linux benchmarks are certified, including 18.04 LTS, 20.04 LTS, and the latest 22.04 LTS, all at a comprehensive security level for server environments.


This diverse range of certifications demonstrates Uptycs' commitment to ensuring high standards of security across various platforms and environments.

 

Our path to certification

1. Extensive research: We began our journey by conducting comprehensive research on CIS benchmarks for Linux, Windows, AWS Cloud, and Kubernetes. We needed to understand the requirements thoroughly to ensure our solutions were up to par.

2. Adaptation and development: We aligned our existing security solutions and practices with the CIS benchmarks. This involved updating configurations, adding security features, and fine-tuning our products to meet rigorous standards.

3. Testing and validation: Rigorous testing and validation were conducted on our products to ensure they met the benchmarks. This process was carried out by internal teams who evaluated the compliance of our solutions.

4. Documentation: Documentation played a crucial role throughout the certification process. We had to prepare extensive reports and documentation showcasing our adherence to the benchmarks and demonstrating our commitment to security.

5. Audit and feedback: An independent audit was conducted, and the CIS assessors provided feedback. We addressed any identified issues, making the necessary adjustments to meet the certification requirements.

6. Continuous improvement: Achieving CIS vendor certification is not a one-time event. It's an ongoing commitment to maintaining the highest security standards. We have implemented continuous improvement processes to ensure our solutions align with evolving CIS benchmarks.

 

Figure 1 - Uptycs Kubernetes compliance console showing CIS benchmarks

 

Uptycs: Your partner for compliance and audit

Uptycs simplifies audits by unifying data from various environments, allowing a comprehensive evaluation of cloud compliance posture from a single platform. With customizable compliance checks, efficient monitoring across diverse asset groups, and quick access to compliance posture across different environments like endpoint, container, Kubernetes, and cloud environments, Uptycs is instrumental in optimizing an organization's compliance strategies

Our compliance dashboards provide instant visibility into your real-time compliance posture across all configured standards, helping you to efficiently manage and report on a variety of regulatory standards, including CIS Benchmarks, SOC 2, PCI-DSS, HIPAA, NIST 800 Series, DISA STIG, and ISO 27001.

 

Conclusion

Obtaining CIS vendor certification for Linux, Windows, AWS Cloud, and various Kubernetes flavors is a testament to our commitment to providing top-notch cloud security solutions. We've embraced the challenge of meeting the stringent CIS benchmarks and have emerged with stronger, more secure products. As we move forward, we will prioritize security and remain dedicated to gaining customer trust.