Overview
Compliant Enterprise Ready
Go beyond the baseline with a production-ready, CIS Level 1 hardened Ubuntu 24.04 LTS AMI, architected for enterprises that demand security, compliance, and provability. While standard hardened images meet the benchmark, this AMI delivers a complete, audit-ready solution out-of-the-box, saving your security and DevOps teams hundreds of hours in configuration, tool deployment, and audit preparation.
This is more than a hardened OS; it's a secure foundation designed for your business-critical applications on AWS. We provide a fully automated and transparent hardening process, complete with a comprehensive suite of pre-configured security tools and detailed reports that offer an unparalleled audit trail of all actions taken.
Key Differentiators: Go Beyond Baseline Hardening
Built-in Threat Defense Suite: Unlike other images, this AMI includes a pre-configured suite of industry-standard security tools, providing active threat detection from the moment you launch. This includes ClamAV for anti-malware, rkhunter and chkrootkit for rootkit scanning, and AIDE for file integrity monitoring (a key requirement for PCI 4.0 DSS).
Unmatched Transparency with Audit-Ready Reporting: Every instance launched from this AMI includes the /home/ubuntu/SiXCraft_Hardened_Reports directory. This folder provides a complete, human-readable audit trail of the hardening process, including pre- and post-hardening package lists, a detailed log of every command executed, and a list of SUID/SGID files for your review drastically simplifying evidence gathering for auditors.
Ready for Cloud-Native Monitoring: This AMI is built for modern cloud operations. It comes with the AWS Systems Manager and CloudWatch agents pre-configured to seamlessly send your hardening logs and security alerts to AWS Security Hub and can be validated by Amazon Inspector, enabling continuous compliance monitoring in a centralized security dashboard.
Key Benefits for Your Organization
Accelerate Compliance & Audits: Achieve a 99% CIS compliance score out-of-the-box and provide auditors with the detailed reports they need, reducing audit preparation time from weeks to minutes. The pre-hardened state and included tools directly support requirements for PCI 4.0 DSS, HIPAA, SOC 2, and other major frameworks.
Reduce Your Attack Surface: The combination of CIS Level 1 hardening and the integrated Threat Defense Suite actively protects your instances from common vulnerabilities, malware, and unauthorized changes, minimizing your security risk.
Faster, More Secure Deployments: Launch secure, production-ready servers in minutes. By providing a pre-configured, fully tested foundation, you empower your development teams to build and deploy applications faster without compromising on security.
Improve Operational Efficiency: Eliminate hundreds of hours of manual hardening and security tool configuration. This AMI provides a consistent, automated, and verifiable security baseline across all your environments, from development to production.
Included Reports and Files
To demonstrate full transparency and assist with your compliance documentation, each AMI includes the following files in /home/ubuntu/SiXCraft_Hardened_Reports:
-
basevm.txt & basevm-snaps.txt: A complete list of all packages and snaps present on the base OS before hardening.
-
afterhardening.txt & afterhardening-snaps.txt: A complete list of packages and snaps after the hardening script has been applied.
-
main.log: A detailed, time-stamped log of every action and command executed by the hardening script.
-
summary_report.txt: A high-level summary of the hardening process, including the final compliance score.
-
suid_sgid_review_list.txt: A generated list of executables with special permissions for your manual review and justification.
-
Exceptions.txt: A template for you to document any necessary exceptions for your specific environment.
Highlights
- Go Beyond Compliance with an Audit-Ready Foundation: This AMI is hardened to 99% CIS Level 1 compliance and includes detailed, pre-generated reports, providing a complete audit trail of all hardening actions to drastically simplify your PCI 4.0 DSS, HIPAA, and SOC 2 evidence gathering.
- Integrated Threat Defense Suite Included: Move beyond a simple hardened OS with a built-in, pre-configured security suite, including ClamAV (anti-malware), rkhunter (rootkit detection), and AIDE (file integrity monitoring), for active threat detection from the moment you launch.
- Built for Secure Cloud Operations: This enterprise-ready image is designed for modern cloud environments, featuring pre-configured agents to seamlessly integrate with AWS Security Hub and Amazon Inspector for continuous, centralized compliance monitoring.
Details
Unlock automation with AI agent solutions

Features and programs
Financing for AWS Marketplace purchases
Pricing
Free trial
- ...
Dimension | Cost/hour |
---|---|
t4g.medium Recommended | $0.02 |
m6g.4xlarge | $0.16 |
c8gn.medium | $0.02 |
c6gn.8xlarge | $0.16 |
m8g.medium | $0.02 |
c6gn.large | $0.04 |
r8gd.metal-24xl | $0.64 |
c6gd.16xlarge | $0.32 |
m7g.medium | $0.02 |
m7g.4xlarge | $0.16 |
Vendor refund policy
Your satisfaction is our priority. This refund policy applies only to the software fees for our AMI; we do not offer refunds for AWS infrastructure costs. All refund requests are reviewed on a case-by-case basis. To request a refund, please contact our support team with your AWS Account ID and a detailed description of the issue.
Contact: info@sixcraft.coÂ
How can we make this page better?
Legal
Vendor terms and conditions
Content disclaimer
Delivery details
64-bit (Arm) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Version: v2025.08.26 Release Date: August 26, 2025
Initial Release: The Audit Ready, Enterprise Secure Ubuntu 24.04 LTS
This is the inaugural release of the Enterprise Secure Ubuntu 24.04 LTS by Six Craft Group. This Amazon Machine Image (AMI) is designed from the ground up to provide a secure, compliant, and production ready foundation for business critical applications on AWS.
This version focuses on three core principles: deep security hardening, unparalleled transparency through reporting, and a builtin suite of threat defense tools to go beyond baseline compliance.
Key Features & Improvements:
CIS Level 1 Hardening: The AMI is fully hardened to be 99% compliant with the CIS Ubuntu Linux 24.04 LTS Benchmark. All remediations for partitioning, user accounts, network parameters, and file permissions have been applied. Audit Ready Reporting Suite: Every instance includes the /home/ubuntu/SiXCraft_Hardened_Reports directory, containing a complete audit trail of the hardening process. This includes pre and post hardening package lists, a detailed command log, and a final compliance summary to drastically simplify evidence gathering for PCI 4.0 DSS, HIPAA, and SOC 2 audits. Integrated Threat Defense Suite: This version comes preconfigured with a suite of industry standard security tools for active threat detection: AIDE for File Integrity Monitoring (FIM). ClamAV for anti malware scanning. rkhunter and chkrootkit for rootkit detection. Automated Filesystem Partitioning: All required CIS partitions (/tmp, /var, /var/log, /var/log/audit, /home) are automatically created, formatted, and mounted at launch, ensuring a secure and compliant disk layout. Cloud Native Integration: The AMI is built for modern cloud operations, with the AWS Systems Manager and CloudWatch agents pre configured to seamlessly send security and compliance logs to your AWS environment for centralized monitoring.Known Issues & Important Notes:
The hardening process generates a list of remaining SUID/SGID executables that are necessary for system operation (e.g., sudo, passwd). As per CIS guidelines, it is recommended that you review this list (located in the reports directory) and formally document your acceptance in the provided Exceptions.txt file.Additional details
Usage instructions
Usage Instructions
This delivery option makes it easy to deploy a hardened Ubuntu 24.04 LTS instance using AWS CloudFormation. After subscribing, select the CloudFormation template delivery option, choose your region, and launch the stack directly from the AWS Console.
When prompted, provide a few key parameters:
Instance Name & Type -Tag your server and choose an ARM64 type such as t4g.medium, m6g.large, or c6g.large.
Key Pair - Select an existing EC2 key pair for SSH access.
Networking - Choose the VPC, subnets, and security groups for deployment. Security groups must allow SSH (22) from the trusted CIDR you provide.
Notification Email - Enter the email address where Inspector findings will be sent (confirmation required).
Volumes - Adjust disk sizes for /, /tmp, /var, /var/log, /var/log/audit, and /home.
Once launched, CloudFormation provisions the hardened EC2 instance, IAM role, Inspector integration, and SNS alerts automatically. Connect via SSH with your key pair and review audit reports in /home/ubuntu/SiXCraft_Hardened_Reports, which include compliance summaries and exceptions documentation.
Amazon Inspector is pre-integrated for continuous scans, and CloudWatch + Systems Manager are enabled for secure monitoring and management. Within minutes, you will have a CIS-hardened, PCI-ready Ubuntu environment running securely in your AWS account.
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products



Customer reviews
Transforms multi-week server setups into secure, minutes-long deployments with peace of mind
What is our primary use case?
Our primary use case is rapidly deploying a secure and compliant foundation for our business-critical applications, especially those that need to adhere to PCI/DSS standards. This product is an absolute game changer. What used to take our security and DevOps teams weeks of manual hardening, scripting, and validation is now accomplished in minutes with a single click.
The environment deploys perfectly hardened to CIS benchmarks, and the integrated threat defense tools provide immediate peace of mind. This is not just a hardened AMI; it is a complete, production-ready solution that has saved us countless engineering hours. I highly recommend it for any organization that takes security seriously.
How has it helped my organization?
This product has fundamentally improved our organization's security posture and agility. Before, deploying a compliant, production-ready server was a multi-week bottleneck that consumed hundreds of hours from our senior security and DevOps engineers. Now, with this turnkey CloudFormation template, we deploy a fully hardened, PCI-ready environment in minutes. This has slashed our application time to market and, more importantly, freed our security team to focus on application-level threats instead of repetitive, manual OS hardening. It is one of the best investments we have made in our cloud infrastructure.
What is most valuable?
The two most valuable features for us are the one-click CloudFormation deployment and the pre-configured threat defense suite. The CloudFormation template is brilliant; it has saved our team hundreds of hours, turning a complex, multi-week hardening process into a reliable, minutes-long deployment. The real peace of mind comes from the integrated tools such as ClamAV and rkhunter, which provide active threat detection out of the box. It is this combination of effortless, compliant deployment and proactive, built-in security that makes this an essential part of our cloud infrastructure.
What needs improvement?
Looking ahead, the feature I would be most excited for in a future release would be a variant of this AMI specifically hardened and optimized for EKS worker nodes. Being able to extend this same level of turnkey CIS compliance and threat detection to our containerized workloads would be a massive win. Additionally, deeper integration with services such as AWSÂ Security Lake would be fantastic for centralizing logs.
For how long have I used the solution?
I have used this solution for 1 year.
Which solution did I use previously and why did I switch?
We previously used the standard, unhardened Ubuntu LTS AMIs directly from Canonical. While they are a great starting point, the reason we switched is simple: time and confidence. Our old workflow involved a multi-week security hardening process for every new project. Our DevOps and security teams would spend countless hours manually implementing CIS controls, running validation scripts, and documenting everything for our PCI audits.
It was a massive operational bottleneck. We switched to this product because it turns that entire weeks-long process into a 10-minute, one-click deployment. We now get a fully hardened, audit-ready environment out of the box. This has not only accelerated our project timelines but has also given us much greater confidence in our security posture from day one.
What's my experience with pricing, setup cost, and licensing?
The pricing can be improved.
Which other solutions did I evaluate?
We did not evaluate other alternative solutions.
What other advice do I have?
I have no additional advice to offer.