Benchmarks

---

Introduction

The Benchmarks area of the CIS SecureSuite Platform is where you can view configuration assessments results of your target security state against the CIS Benchmarks.

What are the CIS Benchmarks?

The CIS Benchmarks are guidelines for hardening specific operating systems, middleware, software applications, and network devices.

This guide explains how to use the Benchmarks area of the CIS SecureSuite Platform:

• Get Started with Configuration Assessments
• Benchmarks Console
• Benchmark Assessments
• Target Systems
• Reports
• Inbox

Get Started with Configuration Assessments

To give you a general sense of how the Benchmarks modules connect, here is how you might start working with configuration assessments.

• Assess in CIS SecureSuite Platform
• Import Assessment Results from CIS-CAT Pro Assessor

Info

Importing configuration assessments automatically adds the assessed target systems to the CIS SecureSuite Platform.

Assess in CIS SecureSuite Platform

1. Add target system.
2. Assess the added target system.
3. Select the target system.
4. View configuration assessment results and add exceptions as needed.
5. Export the configuration assessment results or any other report for sharing.

Import Assessment Results from CIS-CAT Pro Assessor

1. Assess the target systems using CIS-CAT Pro Assessor.
2. Import the configuration assessment results manually or via the REST API.
3. View configuration assessment results and add exceptions as needed.
4. Export the configuration assessment results or any other report for sharing.

Benchmarks Console

The Benchmarks Console provides a high-level overview of organizational conformance with the CIS Benchmarks over time.

Views

There is a view for each aggregation type:

• Overview
• Benchmark View
• Tag View
• Target System View

Overview

Overview displays the average of all configuration assessment scores by month.

Drill down

1. Go to Benchmarks Console > Overview.
2. Select a datapoint to drill down to the week, day, and individual result.

Tip

If you select a datapoint at the result level, you will be taken to the according assessment result.

Benchmark View

Benchmark View shows assessment results aggregated by Benchmark. This view allows you to compare compliance across various CIS Benchmarks.

Actions

• Add Favorite Benchmark
• Remove Favorite Benchmark
• Display Benchmarks on Chart
• Drill down

Add Favorite Benchmarks

1. Go to Benchmarks Console > Benchmark View.
2. Select Add Benchmarks.
3. Select a Benchmark, version, and profile.

4. Select Save to finish.

The Benchmark will be added to the Favorite Benchmarks list. Favorited Benchmarks can be displayed on the chart.

Remove Favorite Benchmark

1. Go to Benchmarks Console > Benchmark View.
2. Select Delete for the target system.
3. Select Delete to confirm the removal.

Display Benchmarks on Chart

1. Go to Benchmarks Console > Benchmark View.
2. From your Favorite Benchmarks, select Benchmarks to display their scores on a line chart.

Once at least one Benchmark is selected, the line chart will appear with the scores populated. Each Benchmark is represented with its own line.

Drill down

1. Go to Benchmarks Console > Benchmark View.
2. Select a datapoint to drill down to the month, day, and individual result.

Tip

If you select a datapoint at the result level, you will be taken to the according assessment result.

Tag View

Tag View allows you to aggregate compliance results for a group of target systems with the same tag or multiple tags. Each tag is represented by its own line, so you can compare results across multiple tags.

Where do I add tags to target systems?

Add tags in bulk on the Target Systems Homepage or individually on a Target System Page.

Actions

• Display Tags on Chart
• Drill down

Display Tags on Chart

1. Go to Benchmarks Console > Tag View.
2. Enter tags.

Removing tags

Select the x to remove entered tags.

Once at least one tag is entered, the line chart will appear with the scores populated. Each tag is represented with its own line.

Drill down

1. Go to Benchmarks Console > Tag View.
2. Select a datapoint to drill down to the week, day, and individual result.

Tip

If you select a datapoint at the result level, you will be taken to the according assessment result.

Target System View

Target System View shows configuration assessments results aggregated by target system.

Actions

• Add Favorite Target Systems
• Remove Favorite Target System
• Display Target System on Chart
• Drill Down

Add Favorite Target Systems

1. Go to Benchmarks Console > Target System View.
2. Select Add Target Systems.
3. (Optional) To narrow down the search, enter a target primary ID or tags to include or exclude.

4. Select Search to bring up your list of target systems.
5. Under the Selected column, select the checkboxes of the target systems you want to add as favorites.

6. Select Add Target Systems to finish.

The target system will be added to the Favorite Target Systems list. Favorited target systems can be displayed on the chart.

Remove Favorite Target System

1. Go to Benchmarks Console > Target System View.
2. Select the Remove icon for the target system.
3. Select Delete to confirm the removal.

Display Target System on Chart

1. Go to Benchmarks Console > Target System View.
2. From your Favorite Target Systems, select target systems to display them on a line chart.

Once at least one target system is selected, the line chart will appear with the scores populated. Each tag is represented with its own line.

Drill down

1. Go to Benchmarks Console > Target System View.
2. Select a datapoint to drill down to the week, day, and individual result.

Tip

If you select a datapoint at the result level, you will be taken to the according assessment result.

---

Benchmark Assessments

View and manage configuration assessment results reports.

Benchmark Assessments Homepage

Import, view, and delete Benchmark assessments.

Actions

• Import Assessment Results
• Search for Assessment Reports
  • View Assessment Reports
  • Delete Assessment Reports

Import Assessment Results

Manually import assessment results in Asset Reporting Format (ARF) in XML. The system will not import a duplicate result.

1. Go to Benchmark Assessments.
2. Select Import Assessment Results.
3. Select Choose File.

4. Select the XML file.
5. Select Upload.

The import process takes about a minute and runs in the background, so you can complete other tasks while the import is ongoing.

Info

Importing assessment results will automatically add the assessed target system to the CIS SecureSuite Platform.

Search for Assessment Reports

To view or delete your assessment reports, you first need to search for them.

1. Go to Benchmark Assessments.
2. (Optional) Complete the fields to narrow down your search results:

• Date Range: Select the date range between which the assessments occurred.
• Target Primary ID: Enter a target identifier (e.g., hostname, IP, etc.).
• Include Tags: Enter tags to include in search. Use and/or to specify the operator between tags.
• Exclude Tags: Enter tags to exclude in search.
• Benchmark: Select the Benchmark that the target systems were assessed against.

3. Select Search to bring up the list of assessment reports.

View Assessment Reports

• After searching for assessment reports, select View for the assessment report to see it in detail.

Delete Assessment Reports

Flag assessment reports for deletion and remove them from all charts and lists. The actual deletion occurs during the hours specified by your System Admin in System Settings.

1. After searching for assessment reports, select the checkboxes of the assessment reports to delete.
2. Select Delete Report.

3. Select Delete to confirm.

Tip

Perform routine backups of your database as the deletion process is permanent.

Configuration Assessment Results

View and export the complete results of a Benchmark assessment. Also, configure group exceptions to calculate a score that better reflects your organization’s security posture.

Sections

• Report Actions
• Report Information
• Results View
• CIS Controls View
• Exceptions List

Report Actions

• Export Results
• Delete Results

Export Results

1. Go to Benchmark Assessments, search for an assessment, and select one to view the configuration assessment results report.
2. Select Export and then the desired format.

3. Save the file in the desired directory.

Delete Results

This process flags the assessments for deletion and removes them from all charts and lists. The actual deletion occurs during the hours specified by your system administrator in System Settings.

1. Go to Benchmark Assessments, search for an assessment, and select one to view the view the configuration assessment results report.
2. Select Delete.
3. Select Delete to confirm.

Tip

Perform routine backups of your database routinely as the deletion process is permanent.

Report Information

View the assessment's background information and overall score.

Field	Description
Benchmark	The Benchmark against which the target system was assessed. - Select the name of the Benchmark to view it in detail.
Profile	The Benchmark profile. Each profile has its own set of Recommendations.
Target Primary ID	The Benchmark against which the target system was assessed. - Select the ID to go to the target system.
Start Time	The start time of the assessment.
End Time	The end time of the assessment.
Report Score	The assessment score is calculated as follows: Count of Pass Results / Count of Recommendations Assessed

Note

Excepted Recommendations are left out of the report score.

CIS Controls Version

The Controls version the Benchmark is mapped to in the CIS Controls View

1. Go to Benchmark Assessments, search for an assessment, and select one to view the view the configuration assessment results report.
2. Select the CIS Controls Version dropdown and choose a different Controls version.

Results View

The Results View organizes the Benchmark's recommendations into sections or groups. Each section has a result summary, score, and list of recommendations. You can also add exceptions by group, sub-group, or Recommendation.

Actions

• Expand/Collapse Groups, Sub-Groups, and Recommendations
  • View Result Summary
  • Add Exceptions

Expand/Collapse Groups, Sub-Groups, and Recommendations

1. Go to Benchmark Assessments, search for an assessment, and select one to view the configuration assessment results report.
2. Select a section to expand/collapse it.

You can expand/collapse all the way down to individual recommendations:

View Result Summary

A breakdown of the assessment results and score at the group or sub-group level. For a recommendation to pass, all its checks/tests must pass.

Result	Value
Pass	Count of checks or tests meeting the criteria specified by the Recommendation.
Fail	Count of checks or tests not meeting the criteria specified by the Recommendation.
Error	Count of checks or tests that resulted in an error.
Unknown	Count of checks or tests where CIS-CAT was unable to determine if the criteria of the test was met.
Excepted	Count of Recommendations excepted from the score.
Scored Recommendation Total	Total count of Recommendations that could result in a pass or fail.
Section Score	Percent of Recommendations passed in a given section: ((Score/Max) x 100).

Automated and Manual Recommendations

Some CIS Benchmark Recommendations may not be supported for automation in CIS-CAT. This can result in differences occurring between the CIS Benchmark PDF Recommendations identified as “Automated” and the CIS-CAT report. An “Automated” Recommendation means that the CIS Benchmark Community has determined that this Recommendation can potentially be fully assessed to a pass/fail state by a configuration assessment tool. In cases where CIS-CAT does not support a given “Automated” Recommendation it will be reported as “Manual” in the CIS-CAT report.

Add Exceptions

Apply exceptions to a group, sub-group, or Recommendation. If an exception has already been applied, you must edit the existing one or delete it and add a new one.

What are exceptions?

Exceptions allow you to exclude a Recommendation or groups of Recommendations from configuration assessment scores.

1. With a group, sub-group, or Recommendation expanded, select Add Group Exception or Add Exception.
2. Complete fields as follows:

• Start Date: Select a start date to apply the exception.
• End Date: Select an end date for the exception. It defaults to the assessment's end date.
• Rationale: Enter the reasons why the exception is necessary.
• Tags: Enter the tags of the target systems to which the exception will apply.
• Global?: Enable to apply the exception to all target system regardless of the entered tags.

3. Select Add Exception.

Before the exception is applied, a system administrator must approve the exception request received in their Inbox.

Editing Exceptions

Edit exceptions by going to Reports > Exceptions. You have the ability to "remove" exceptions when editing them.

CIS Controls View

The CIS Controls View shows the mappings between the Benchmark and CIS Controls. Leverage this information when identifying which Recommendations represent or support a Control.

• The number in brackets indicates the count of Recommendations mapped to a Sub-Control.
• Empty brackets indicate that there are no Recommendations are mapped to a Sub-Control.

Note

Not all Benchmarks will be mapped to a Control. Only the latest Benchmark versions will be mapped to the latest version of Controls.

Actions

• Expand Mappings
  • Add Exceptions

Expand Mappings

1. Go to Benchmark Assessments, search for an assessment, and select one to view the configuration assessment results report.
2. Go to Controls View.
3. Select the sections to expand them and view details about the Control, Sub-Control, or Recommendation.

You can expand sections down to the individual recommendations mapped to each Sub-Control.

Add Exceptions

If you drill down to the Recommendation level, you can apply exceptions. If an exception has already been applied, you must edit the existing one or delete it and add a new one.

1. With a mapping expanded, select Add Exception.
2. Complete fields as follows:

• Start Date: Select a start date to apply the exception.
• End Date: Select an end date for the exception. It defaults to the assessment's end date.
• Rationale: Enter the reasons why the exception is necessary.
• Tags: Enter the tags of the target systems to which the exception will apply.
• Global?: Enable to apply the exception to all target system regardless of the entered tags.

3. Select Add Exception.

Before the exception is applied, a system administrator must approve the exception request received in their Inbox.

Editing Exceptions

Edit exceptions by going to Reports > Exceptions. You have the ability to "remove" exceptions when editing them.

Exceptions List

A list of active exceptions associated with the selected configuration result. Exceptions may be associated per target system, per tag associated with the selected target system, or per Benchmark (global).

---

Target Systems

Add, configure, and assess target systems.

Target Systems Homepage

The Target Systems Homepage shows a list of all your target systems. Add target systems or drill in to specific target systems to view, edit, or manage them.

Actions

• Add Target System
• Search for Target Systems
  • Add/Remove Tags for Multiple Target Systems
  • Go to Target System Page

Add Target System

Note

While target systems can be manually created following the instructions below, they are automatically created when you import a configuration assessment into the CIS SecureSuite Platform.

1. Go to Target Systems.
2. Select Add Target System.
3. Enter a target primary ID (e.g., hostname, IP address, etc.).

4. Select Add Target System to confirm.

Search for Target Systems

1. Go to Target Systems.
2. (Optional) Complete the fields to narrow down your search results:

• Date Range: Select the date range between which the assessments occurred.
• Target Primary ID: Enter a target identifier (e.g., hostname, IP, etc.).
• Include Tags: Enter tags to include in search. Use and/or to specify the operator between tags.
• Exclude Tags: Enter tags to exclude in search.
• Benchmark: Select the Benchmark that the target systems were assessed against.

3. Select Search to bring up the list of target systems.

Add/Remove Tags for Multiple Target Systems

Group target systems by assigning them tags. You can set CIS Benchmark exceptions or filter your list of target systems by tag.

1. After searching for target systems, select the checkboxes for the target systems and then Add/Remove Tags.

2. Add or remove tags as follows:

• In the Add Tags field, enter new tags or existing ones.
• In the Remove Tags field, enter tags you want to remove.

3. Select Apply to finalize tag assignment.

Tip

Assign tags to individual target systems through its Target System Page.

Go to Target System Page

Each target system has a dedicated Target System Page, which allows you to assess and configure that target system.

• After searching for target systems, select the target primary ID of the target system to go to its dedicated page.

Target System Page

Assess and configure a target system.

Page Actions

• Assess Target System
• Add/Remove Tags
• Delete Target System

Assess Target System

Remote assessments are powered by CIS-CAT Pro Assessor, which is embedded in the CIS SecureSuite Platform. Learn more about preparing your endpoints for remote assessment in the CIS-CAT Pro Assessor Guide for Windows and Linux.

1. Go to Target Systems then search for and select a target system.
2. Select Assess.
3. Configure fields as follows:

• Username: Enter username of a user with elevated privileges (e.g., root or user with sudo privileges for SSH).
• Password: Enter the password of the above user to access the remote target system.
• Target System Type: Select the session type of the host system.
• Port: Enter the port number on which communication occurs between the CIS SecureSuite Platform and the target system.
• IP Address/Hostname: Enter the primary active IP address or hostname that designates the location of the target system.
• Temporary Path (Optional): Select Browse to identify a different destination directory from the default. The above user must have read/write access to the designated directory.
• Benchmarks: Select the Benchmark to use for the assessment.
• Profile: Select the Benchmark profile. The target system will be assessed against the profile's Recommendations.

Note

Ensure the target system has been configured for assessment.

4. Select Start Assessment.

Track Assessment Status

To track the status of assessments, go to your Job List.

Add/Remove Tags for Single Target System

1. Go to Target Systems then search for and select a target system.
2. In the Tags field: - Enter new tags or existing ones. - Remove tags by selecting x.

Delete Target System

Deleted target systems cannot be recovered.

1. Go to Target Systems then search for and select a target system.
2. Select Delete.
3. Select Delete to confirm.

Tabs

• System Identifiers: Contains all alert types except for exception requests.
• Configuration Assessments: View the target system's assessments and exceptions.

System Identifiers

View, edit, and delete the target system's identifiers. System identifiers determine what information about a target system is displayed in lists and search results.

Actions

• Add System Identifier
• Edit System Identifier
• Delete System Identifier

Add System Identifier

1. Go to Target Systems then search for and select a target system.
2. Select Add Identifier.
3. Configure as follows:

• Identifier Type: Select the identifier type (e.g., hostname, IP address, etc.).
• Value: Enter the value in accordance with the identifier type.
• Primary?: (Optional) Select the checkbox if you want this identifier to be the target system's primary target ID.

4. Select Add Identifier to finish.

Edit System Identifier

1. Go to Target Systems then search for and select a target system.
2. Select the Edit icon .
3. Edit any of the fields as follows:

• Identifier Type: Select the identifier type (e.g., hostname, IP address, etc.).
• Value: Enter the value in accordance with the identifier type.
• Primary?: Select the checkbox if you want this identifier to be the target system's primary target ID.

4. Select Save to finish.

Delete System Identifier

Deleted system identifiers cannot be recovered.

1. Go to Target Systems then search for and select a target system.
2. Select the Delete icon for the system identifier.
3. Select Delete to confirm.

Configuration Assessments

Manage the target system's assessments and view exceptions.

Actions

• Expand/Collapse Assessment View
  • Go to Assessment Results
  • Compare Assessment Results
  • Delete Assessment
• View Exceptions

Expand/Collapse Assessment View

1. Go to Target Systems then search for and select a target system to go to its dedicated page.
2. Go to the Configuration Assessments tab.
3. Select an assessment to expand/collapse its view.

When the view is expanded, you should see more details about the assessment and actions:

Go to Assessment Results

• With a view expanded, select the View Assessment icon to go to the configuration assessment results.

Compare Assessment Results

Generate a Difference Report, which shows a comparison of two configuration assessment results. The report highlights configuration changes (rules status and scores), for example when some rules were passing, and are now failing.

1. With a view expanded, select the Generate Difference Report icon.
2. Select one of the options:

• Compare with immediate previous result for same profile: - If applicable, the selected assessment result will be compared to the immediate previous assessment result for the same target system, Benchmark version and profile.
• Compare with any other results: This option forwards the user to an intermediate search page.

3. (If Compare with any other results chosen) Search for and select the assessment result for comparison.

The user is redirected to the Configuration Assessment Difference Report page.

Delete Assessment

Deleted assessments cannot be recovered.

1. With a view expanded, select the Delete icon .
2. Select Delete to confirm.

View Exceptions

View a list of exceptions associated with the target system.

1. Go to Target Systems then search for and select a target system to go to its dedicated page.
2. Go to the Configuration Assessments tab.
3. To see further details about exceptions, select a link under Title.

Reports

Reports allows you to view reports and export them to share with others.

• Last Scan Failed Results
• Exceptions
• Remediation
• Complete
• Assessment
• Benchmarks

Last Scan Failed Results

Generate a report showing all failed recommendations in a selected Benchmark from the most recent assessment, as well as how many target systems failed each recommendation.

Actions

• Search for Last Scan Failed Results
  • Export Last Scan Failed Results Report

Search for Last Scan Failed Results

1. Go to Reports.
2. Complete the following fields to narrow down the results to be exported:

• Benchmark: Select the Benchmark.
• Version: Select the version of the Benchmark.
• Profile: Select the Benchmark profile.
• Include Tags: (Optional) Enter new tags or existing ones.
• Exclude Tags: (Optional) Enter existing tags.

3. Select Search.

A list of failed recommendations will appear:

Export Last Scan Failed Results Report

1. Search for failed scan results.
2. Select Export to download a .CSV report with the search results. 3. Save the export in your desired location.

The report should look like this:

Tip

For CIS Benchmarks mapped to CIS Controls V8, sort by Implementation Group 1 for the most important Recommendations to remediate first.

Exceptions

View proposed and accepted exceptions to your Benchmarks.

Actions

• Search for Exceptions
  • Edit Exceptions

Search for Exceptions

1. Go to Reports > Exceptions.
2. (Optional) Fill out the fields to narrow down the search results:

• Target Primary ID: Enter a target identifier (e.g., hostname, IP, etc.).
• Date Range: Select the date range between which the assessments occurred.
• Benchmark: Select one or more Benchmarks.
• Type: Select one or more exception types.
• Include Tags: Enter tags to include in search. Use and/or to specify the operator between tags.
• Exclude Tags: Enter tags to exclude in search.
• Show Only Active: Enable to include only active exceptions in the search results.

3. Select Search.

A list of exceptions will appear:

Edit Exceptions

1. Search for exceptions.
2. Select the Edit icon for the exception.
3. Edit the necessary fields.

Removing Exceptions

Currently, the CIS SecureSuite Platform does not have a feature to remove exceptions. You can workaround that by selecting the same date for the Start Date and End Date.

4. Select Submit to finish.

Remediation

Generate a report with remediation steps for each failed recommendation in a given assessment.

Note

Excepted recommendations given the Failed status will appear in the report.

Actions

• Search for Target Systems with Remediation Data
  • Export Remediation Report

Search for Target Systems with Remediation Data

1. Go to Reports > Remediation.
2. (Optional) Fill out the fields to narrow down the search results:

• Target Primary ID: Enter a target identifier (e.g., hostname, IP, etc.).
• Include Tags: Enter tags to include in search. Use and/or to specify the operator between tags.
• Exclude Tags: Enter tags to exclude in search.

3. Select Search.

Go to Target System Page or Configuration Assessment

Select a target primary ID to go to the relevant Target System Page or Benchmark to go to the configuration assessment.

Export Remediation Report

1. Search for target systems.
2. Select the checkboxes of the target systems to include in the report.
3. Select Remediation Report.

You will see a preview of the Remediation Report:

4. Select Export and then the file format.
5. Save the export in your desired location.

Complete

All recommendation results for a Benchmark configuration assessment.

Actions

• Search for Target Systems
  • Export Complete Report

Search for Target Systems

1. Go to Reports > Complete.
2. (Optional) Fill out the fields to narrow down the search results:

• Target Primary ID: Enter a target identifier (e.g., hostname, IP, etc.).
• Include Tags: Enter tags to include in search. Use and/or to specify the operator between tags.
• Exclude Tags: Enter tags to exclude in search.

3. Select Search.

Export Complete Report

1. Search for target systems.
2. Select the checkboxes of the target systems to include in the report.
3. Select Complete Report.

You will see a preview of the Remediation Report:

3. Select Export and then the file format.
4. Save the export in your desired location.

Assessment

View information about completed, pending, or errored-out assessments.

Search for Jobs

1. Go to Reports > Assessment.
2. (Optional) Fill out the fields to narrow down the search results:

• Target Primary ID: Enter a target identifier (e.g., hostname, IP, etc.).
• Date Range: Select the date range between which the assessments occurred.
• Benchmark: Select one or more Benchmarks.
• Requested By: Select the user who started the job.
• Status: Select the job status.

2. Select Search.

Job List

Column	Description
Job ID	Sequential, system-generated numbers used to help identify requests.
Target Primary ID	The Primary ID for the target system where an assessment was requested.
Benchmark and Profile	The name of the Benchmark and profile used for the evaluation of the target system.
Status	Shows the life cycle of the request: - Pending: CIS-CAT Pro Assessor confirmed receipt of assessment request, waiting for the CIS SecureSuite Platform to start assessment activity. - In Progress: Assessment activity has started. - Error: Assessment could not start or encountered an error and could not finish. Hover over Error to learn more about the problem. - Assessment Complete: The assessment has completed. This status does not represent viewing status in the CIS SecureSuite Platform. The report may be in the process of uploading if Assessor Service has been configured to send reports as a POST request to the CIS SecureSuite Platform via the API. If the API has not been configured or there is an issue uploading, then the report will not be viewable in the the CIS SecureSuite Platform.
Requested By	The user who requested the assessment.
Start Date	The date and time of when the assessment was requested.
End Date	The date and time of when an assessment report was generated.

Job Status Errors

Errors can arise preventing assessments from running successfully. Refer to Resolve Job Status Errors for guidance on troubleshooting job status errors.

Benchmarks

View details about CIS Benchmarks related to imported assessments.

Go to Benchmark Information

1. Go to Reports > Benchmarks.
2. Select a Benchmark to view detailed information and assessment results.

Benchmark Information

View detailed information on a Benchmark and configuration assessment results. You can also add exceptions to Recommendations.

Export to XML

If you have customized a Benchmark, you may want to export the XML file to have it available for later use.

1. Go to Reports > Benchmarks and select a Benchmark.
2. Select Export to XML.
3. Save the file in your desired location.

Tabs

• General
• Profiles
• Recommendations
• Results

General

View general details about the Benchmark and change the CIS Controls version to which the Benchmark's Recommendations will be mapped.

Change CIS Controls Version

1. Go to Reports > Benchmarks and select a Benchmark.
2. From the CIS Controls Version dropdown, select a version.

Profiles

View the Benchmark's profiles and their recommendations.

View Profile Details and Recommendations

1. Go to Reports > Benchmarks and select a Benchmark.
2. Go to Profiles.
3. Select a profile to expand it and see its details.

Recommendations

Explore the Benchmark's recommendations, mappings to Controls, and manage exceptions.

Tabs

• Results View
• CIS Controls View
• Exceptions List

Results View

The Results View organizes the Benchmark's Recommendations into sections or groups. You can also add exceptions by group, sub-group, or Recommendation.

Actions

• Expand/Collapse Groups, Sub-Groups, and Recommendations
  • Add Exceptions

Expand/Collapse Groups, Sub-Groups, and Recommendations

1. Go to Reports > Benchmarks and select a Benchmark.
2. Go to Recommendations.
3. Select a section to expand it.

You can expand/collapse all the way down to individual recommendations:

Add Exceptions

Apply exceptions at the group, sub-group, or Recommendation level. If an exception has already been applied, you must edit the existing one or delete it and add a new one.

1. With a group, sub-group, or Recommendation expanded, select Add Group Exception or Add Exception.
2. Complete fields as follows:

• Start Date: Select a start date to apply the exception.
• End Date: Select an end date for the exception. It defaults to the assessment's end date.
• Rationale: Enter the reasons why the exception is necessary.
• Tags: Enter the tags of the target systems to which the exception will apply.
• Global?: Enable to apply the exception to all target system regardless of the entered tags.

3. Select Add Exception.

Before the exception is applied, a system administrator must approve the exception request received in their Inbox.

Editing Exceptions

Edit exceptions by going to Reports > Exceptions. You have the ability to "remove" exceptions when editing them.

CIS Controls View

The CIS Controls View shows the mappings between the Benchmark and CIS Controls. Leverage this information when identifying which Recommendations represent or support a Control.

• The number in brackets indicates the count of Recommendations mapped to a Sub-Control.
• Empty brackets indicate that there are no Recommendations mapped to a Sub-Control.

Note

Not all Benchmarks will be mapped to a Control. Only the latest Benchmark versions will be mapped to the latest version of Controls.

Actions

• Expand Mappings
  • Add Exceptions

Expand Mappings

1. Go to Reports > Benchmarks and select a Benchmark.
2. Go to CIS Controls View.
3. Select the sections to expand them and view details about the Control, Sub-Control, or Recommendation. You can expand sections down to the individual Recommendations mapped to each Sub-Control.

Add Exceptions

If you drill down to the Recommendation level, you can apply exceptions. If an exception has already been applied, you must edit the existing one or delete it and add a new one.

1. With a mapping expanded, select Add Exception.
2. Complete fields as follows:

• Start Date: Select a start date to apply the exception.
• End Date: Select an end date for the exception. It defaults to the assessment's end date.
• Rationale: Enter the reasons why the exception is necessary.
• Tags: Enter the tags of the target systems to which the exception will apply.
• Global?: Enable to apply the exception to all target system regardless of the entered tags.

3. Select Add Exception.

Before the exception is applied, a system administrator must approve the exception request received in their Inbox.

Editing Exceptions

Edit exceptions by going to Reports > Exceptions. You have the ability to "remove" exceptions when editing them.

Exceptions List

A list of active exceptions associated with the selected configuration result. Exceptions may be associated per target system, per tag associated with the selected target system, or per Benchmark (global).

Results

Results shows all the configuration assessments performed against the Benchmark.

Go to Configuration Assessment

1. Go to Reports > Benchmarks and select a Benchmark.
2. Go to Results.
3. Select the assessment to go to the configuration assessment results.

Inbox

Inbox is where you receive alerts and exception requests. The bubble next to the module will indicate how many unread messages you have.

Tabs

• Inbox: Contains all alert types except for exception requests.
• My Tasks: Contains messages about Benchmark exception requests waiting your approval.
• Trash: Contains deleted messages.

Actions

• Open Message
• Mark as Read/Unread
• Delete Message
• Approve/Reject Exception Request

Open Message

1. Go to Inbox and then the desired tab.
2. Select a message to view its content and related information.

Mark as Read/Unread

1. Go to Inbox and then the desired tab.
2. Use the checkboxes to select messages.
3. Select Mark as Read/Unread.

Delete Message

Deleted messages cannot be recovered.

1. Go to Inbox and then the desired tab.
2. Use the checkboxes to select messages.
3. Select Delete Selected.

When you delete a message, it will first go to the Trash tab. From there, delete it again to finalize the deletion.

Approve or Reject Exception Request

Specific to the My Tasks tab, users can approve exception requests. Exception requests must be approved before they are applied to a group or Recommendation.

1. Go to Inbox > My Tasks.
1. Select an exception request.
2. Review the information and select Approve or Reject.

Note

If an exception request is rejected, a new one must be created.