Getting a CIS Benchmark's Details

• Console
• CLI
• API

• The Center for Internet Security (CIS) publishes best practices for devices and operating systems, which result from the collaboration of cybersecurity professionals and subject matter experts. The Vulnerability Scanning service checks hosts for compliance with the section 5 (Access, Authentication, and Authorization) benchmarks defined for Distribution Independent Linux.

  To get a CIS Benchmark's details, complete the following steps:

  1. On the Scanning reports list page, select the scan that you want to work with. If you need help finding the list page or the scan, see Listing Host Scans.
  2. From the Metrics page, find the number of CIS benchmarks passed.
  3. Select CIS benchmarks.

     The following details are shown for each CIS benchmark that the Vulnerability Scanning service tested on this Compute instance:

     • Benchmark ID
     • Result- pass or fail
     • Summary

  Learn about a specific benchmark by downloading the document for Distribution Independent Linux.

• Use the oci vulnerability-scanning host scan result cis-benchmark get command and required parameters to retrieve a host CIS benchmark scan result identified by the benchmark scan result ID:

  oci vulnerability-scanning host scan result cis-benchmark get [OPTIONS]

  For a complete list of flags and variable options for CLI commands, see the Command Line Reference.

• Run the GetHostCisBenchmarkScanResult operation to retrieve a host CIS benchmark scan result identified by the benchmark scan result ID.