These days system hardening is one area Infosec professionals give more importance. But how will we evaluate that our system configurations are good enough. This is where CIS security benchmarks can help you. CIS (Center of Internet Security) is an independent organization that constantly reviews system configuration setting across multiple vendors.
CIS benchmarks division was formed in October 2000, and it is a not for profit consortium of users, security consultants, and vendors of security software (members). They focused on enhancing the cyber security readiness and response of public and private sector entities. Through consensus, the CIS Security Benchmarks division provides frameworks to help organizations bolster their security.
According to CIS website, they define the program as below