AWS Foundations Benchmarks
Overview
The CIS Amazon Web Services Foundations Benchmark v 1.3.0 forms one part of Sysdig’s comprehensive Cloud Security Posture Management (CSPM) and Compliance tools. The AWS CIS Benchmarks assessment evaluates your AWS services against the benchmark requirements and returns the results and remediation activities you need to fix misconfigurations in your cloud environment.
We’ve included several UI improvements to provide additional details such as: control descriptions, affected resources, failing assets, and guided remediation steps, both manual and CLI-based when available.
Enable CIS AWS Foundations Benchmarks
Prerequisites
Sysdig Secure (SaaS)
Workloads running in the AWS environment, including EKS, Fargate, etc. for which you want to verify best security practices and compliance
Deploy: Use a simple CloudFormation Template in the AWS Console. See Deploy Sysdig Secure for cloud on AWS.
Using AWS Foundations Benchmarks
The checks and reports for AWS Benchmarks differ from Host Benchmarks in the following ways:
No scheduling: The check is automatically deployed daily; the user cannot choose a particular schedule or “run now.”
Tasks and Reports combined:
There is a single page displaying:
The chosen AWS account, region, and report date
The curated list of controls that are run (left panel)
The daily report, with its pass/fail details and any recommended remediation steps
Reviewing an AWS CIS Report
Log in to Sysdig Secure and select Compliance > AWS Foundations Benchmark.
Select the relevant report:
Account id: From the drop-down menu, choose one of the accounts where you deployed the CFT and enabled the AWS Benchmarks feature.
Region: Choose the AWS region of the account you want to check (not necessarily the region where your Sysdig Secure is installed)
Date: Choose a report date. Checks are run once per 24 hours.
Review the daily report (right panel).
Note the following:
% of Resources Passed: Of the controls implemented by Sysdig, this is the percentage that passed.
Resources Passing: Every control checks multiple resources (e.g., hundreds of S3 buckets, etc.). This figure displays an aggregated count of all the resources over all the controls.
Resources Failing: Choose this figure to review a consolidated list of all failed controls with their remediation recommendations.