Posted On: Dec 4, 2017

This new Quick Start deploys a standardized environment that supports compliance with the Center for Internet Security (CIS) Benchmark for AWS Foundations. The Quick Start was built by AWS solutions architects and compliance experts in collaboration with Accenture, an AWS Premier Consulting Partner. 

CIS Benchmarks are consensus-based configuration guidelines developed by experts in US government, business, industry, and academic institutions to help organizations assess and improve their security.

This Quick Start implements the CIS AWS Foundations Benchmark, which is a set of security configuration best practices for hardening AWS accounts, and provides continuous monitoring capabilities for these security configurations. These industry-accepted best practices provide AWS users with clear, step-by-step implementation and assessment procedures. The goal of this Quick Start is to make the implementation of core AWS security measures straightforward for security teams and AWS account owners.

The Quick Start implements security configurations to support the CIS AWS Foundations Benchmark by creating AWS Config rules, Amazon CloudWatch alarms, and CloudWatch Events rules in your AWS account. The deployment is automated by customizable AWS CloudFormation templates and scripts that build and configure the environment in about 10 minutes.

To get started with the CIS AWS Foundations Benchmark, use the following resources:

If you need assistance with an enterprise implementation of the capabilities introduced through this Quick Start, AWS Professional Services can help you customize and tailor the templates for your specific use cases. Contact your AWS account manager for further information.

About Quick Starts

Quick Starts are automated reference deployments for key workloads on the AWS Cloud. Each Quick Start launches, configures, and runs the AWS compute, network, storage, and other services required to deploy a specific workload on AWS, using AWS best practices for security and availability. This is the latest in a series of Quick Starts that provide security-focused, standardized architecture solutions to help Managed Service Providers (MSPs), cloud provisioning teams, developers, integrators, and information security teams adhere to strict security, compliance, and risk management controls.