CIS Hardened Image Level 1 on SUSE Linux Enterprise 15

CIS enhanced images are pre-configured images built by the Internet Security Center (CIS®) for use in the Amazon Elastic Computing Cloud (Amazon EC2). It is a pre-configured security hardening mirror that follows strict security recommendations — CIS benchmarks, making it easier for organizations to meet compliance requirements. The image is not only pre-enhanced according to the CIS Benchmark Guidelines, but is also patched monthly in sync with software vendor updates. Key benefits: Strengthen security: Follow globally recognized security configuration guidelines to mitigate risks such as malware, denial of service, and authorization, and support your cloud security posture management (CSPM) plan. Faster deployment: Pre-configured according to CIS standards, secure virtual machine images can be quickly deployed. Cross-environment consistency: Ensure consistent security configurations in development, test, and production environments to reduce configuration drift and compatibility risks. Cost-effectiveness: Reduce repair costs, reduce attack surface, and minimize business losses due to security incidents. Easier maintenance: Regular updates ensure the system is always up to date with the latest security standards and software patches. The image will not install or remove any additional software packages other than those already in the base image or required by the CIS Benchmark Recommendations. To prove compliance with the CIS Benchmark, an enhanced, industry-recognized guideline, each image includes an HTML report from the CIS Configuration Assessment Tool (CIS-CAT® Pro). Each CIS hardened image contains the following files: Base_CIS-CAT_Report.html — Provides reports on instances running CIS-CAT Pro before CIS makes any changes (such as software updates, CIS hardening). basevm.txt — Provides a list of packages installed on the instance before CIS made any changes (such as software updates, CIS hardening). CIS-CAT_Report.html — Provides a report on running CIS-CAT Pro after applying the corresponding CIS benchmark to the instance. Exceptions.txt — Lists recommendations that have not been applied because these recommended configurations may prevent the image from being used in the current cloud service provider environment, require specific environment expertise, or prevent the image from integrating with cloud service provider services or extensions. afterhardening.txt — Provides a list of software packages that reside on the instance after applying the corresponding CIS benchmark to the instance. These reports are located in the /HOME/cis_hardened_reports directory. For more information or to obtain the corresponding CIS benchmark, visit https://www.cisecurity.org/cis-benchmarks  or sign up for a free account on our community platform CIS WorkBench: https://workbench.cisecurity.org/ .