As part of our Compliance Engine, we’re maintaining a set of pre-built benchmarks to easily test your devices for CIS and NIST compliance.
These benchmarks are available along with your custom benchmarks in the Compliance tab of the catalog, and can be assigned directly to your policies from there.
What does the experimental badge mean?
The experimental badge denotes that Addigy is still in the process of testing and verifying the robustness of every device fact and rule that pertains to the benchmark. This takes some time, so we want to make these benchmarks available to beta testers in parallel to our verbose testing.
Where are the pre-built benchmarks generated from?
Prebuilt benchmarks are based on the guidelines provided by the Center for Internet Security and National Institute of Standards and Technology. We also leverage open-source resources such as https://github.com/usnistgov/macos_security
How do we remediate the device after we identify that it is out of compliance?
In the future, Addigy will provide auto remediation right out of the box. For now, feel free to use our provided MDM profiles and community scripts to remediate issues for CIS Level 1.