Analysis of existing approaches to application automation for CIS Controls standards and their limitations
Authors: Vasilevskiy P. A., Bulgakova E. V.
Annotation: This article analyzes the existing Bash-based tools for automation of CIS Controls standards, focusing on their capabilities and limitations when applied in corporate environments. Tools such as Ubuntu Security Guide, JShielder, Aqua Security CIS Benchmarks, and JAMF Compliance Reporter are examined. While effective for meeting security requirements, these solutions face scalability and centralized management challenges, limiting their use in heterogeneous systems. The article concludes with the rationale for using a tool such as Ansible, which has centralized management and automated auditing capabilities, to enable non-continuous CIS compliance in large enterprise infrastructures.
Keywords: devops, corporate systems, bash, information security, ansible, cis controls, automation