Resource background image


Harden Your Systems Using CIS and DISA STIGs Benchmarks

Mapping CIS & DISA benchmark standards to automated controls.

Back to White Papers

According to a 2020research study conducted by global intelligence firm IDC, “security misconfiguration/lack of system hardening” was one of the top security concerns indicated by 67% in the survey of 300 CISO’s. To further illustrate the challenge, Gartner Group predicts that over the next five years, "at least 99% of cloud security failures will be the customer’s fault." Many of these are errors resulting from misconfigurations or lack of system hardening.

With Chef Compliance, you can create and test secure Chef configuration Cookbooks and InSpec Compliance Profiles, based on the CIS and DISA STIG BenchmarksTM, identify issues rapidly and react quickly to triage and remediate problems, allowing you to protect against malware, insufficient authorization, and remote intrusion. This guide is written for members of both technical and compliance teams working with systems in any development environment.

This guide illustrates how to, at a minimum, use Chef Compliance to achieve system hardening by mapping CIS and DISA benchmark standards to automated controls. A recommended next step would be to use Chef Compliance to leverage CIS and DISA STIG BenchmarksTM best practices to harden your systems and achieve automated assessments into your continuous delivery workflow. Find out more about how Chef Compliance enables system security hardening by visiting


Download whitepaper

Loading animation