Class: CisBenchmark (DEPRECATED)
The CIS Benchmark object describes best practices for securely configuring IT
systems, software, networks, and cloud infrastructure as defined by the <a
target='_blank' href='https://www.cisecurity.org/cis-benchmarks/'>Center for
Internet Security. See also <a target='_blank'
href='https://www.cisecurity.org/insights/blog/getting-to-know-the-cis-benchmarks'>Getting
to Know the CIS Benchmarks.
URI: ocsf:CisBenchmark
classDiagram
class CisBenchmark
click CisBenchmark href "../CisBenchmark/"
Object <|-- CisBenchmark
click Object href "../Object/"
CisBenchmark : cis_controls
CisBenchmark --> "* _recommended_" CisControl : cis_controls
click CisControl href "../CisControl/"
CisBenchmark : desc
CisBenchmark : name
Inheritance
- OcsfObject
- Object
- CisBenchmark
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| cis_controls | * recommended CisControl |
The CIS Critical Security Controls is a prioritized set of actions to protect | direct |
| desc | 0..1 String |
The CIS Benchmark description | direct |
| name | 1 String |
The CIS Benchmark name | direct |
In Subsets
Aliases
- CIS Benchmark
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:CisBenchmark |
| native | ocsf:CisBenchmark |
LinkML Source
Direct
name: CisBenchmark
description: 'The CIS Benchmark object describes best practices for securely configuring
IT
systems, software, networks, and cloud infrastructure as defined by the <a
target=''_blank'' href=''https://www.cisecurity.org/cis-benchmarks/''>Center for
Internet Security</a>. See also <a target=''_blank''
href=''https://www.cisecurity.org/insights/blog/getting-to-know-the-cis-benchmarks''>Getting
to Know the CIS Benchmarks</a>.'
deprecated: Use the Compliance object with Checks object instead. (since 1.5.0)
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- CIS Benchmark
is_a: Object
slots:
- cis_controls
- desc
- name
slot_usage:
cis_controls:
name: cis_controls
recommended: true
desc:
name: desc
description: 'The CIS Benchmark description. For example: <i>The cramfs filesystem
type is a
compressed read-only Linux filesystem embedded in small footprint systems. A
cramfs image can be used without having to first decompress the image.</i>'
name:
name: name
description: 'The CIS Benchmark name. For example: <i>Ensure mounting of cramfs
filesystems
is disabled.</i>'
required: true
Induced
name: CisBenchmark
description: 'The CIS Benchmark object describes best practices for securely configuring
IT
systems, software, networks, and cloud infrastructure as defined by the <a
target=''_blank'' href=''https://www.cisecurity.org/cis-benchmarks/''>Center for
Internet Security</a>. See also <a target=''_blank''
href=''https://www.cisecurity.org/insights/blog/getting-to-know-the-cis-benchmarks''>Getting
to Know the CIS Benchmarks</a>.'
deprecated: Use the Compliance object with Checks object instead. (since 1.5.0)
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- CIS Benchmark
is_a: Object
slot_usage:
cis_controls:
name: cis_controls
recommended: true
desc:
name: desc
description: 'The CIS Benchmark description. For example: <i>The cramfs filesystem
type is a
compressed read-only Linux filesystem embedded in small footprint systems. A
cramfs image can be used without having to first decompress the image.</i>'
name:
name: name
description: 'The CIS Benchmark name. For example: <i>Ensure mounting of cramfs
filesystems
is disabled.</i>'
required: true
attributes:
cis_controls:
name: cis_controls
description: 'The CIS Critical Security Controls is a prioritized set of actions
to protect
your organization and data from cyber-attack vectors.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- CIS Controls
rank: 1000
alias: cis_controls
owner: CisBenchmark
domain_of:
- Remediation
- CisBenchmark
range: CisControl
recommended: true
multivalued: true
desc:
name: desc
description: 'The CIS Benchmark description. For example: <i>The cramfs filesystem
type is a
compressed read-only Linux filesystem embedded in small footprint systems. A
cramfs image can be used without having to first decompress the image.</i>'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Description
rank: 1000
alias: desc
owner: CisBenchmark
domain_of:
- Osint
- RelatedEvent
- Remediation
- Vulnerability
- Advisory
- Analytic
- ApplicationObject
- Assessment
- Check
- CisBenchmark
- CisBenchmarkResult
- CisControl
- Compliance
- Cve
- Database
- Databucket
- Enrichment
- File
- FindingObject
- FindingInfo
- Graph
- Group
- Job
- Location
- Node
- Policy
- Rule
- Table
- WebResource
- Device
- IncidentFinding
range: string
name:
name: name
description: 'The CIS Benchmark name. For example: <i>Ensure mounting of cramfs
filesystems
is disabled.</i>'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Name
rank: 1000
alias: name
owner: CisBenchmark
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- Parameter
- PrivilegeInfo
- San
- Scim
- Script
- ServicePrivilegeAnalysis
- SoftwareComponent
- Sso
- StartupItem
- ThreatActor
- Token
- Entity
- Resource
- Account
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- AutonomousSystem
- Campaign
- Check
- CisBenchmark
- CisBenchmarkResult
- CisControl
- ClassifierDetails
- Container
- D3fTactic
- D3fTechnique
- Database
- Databucket
- DomainContact
- Edge
- Endpoint
- Enrichment
- EnvironmentVariable
- Evidences
- Extension
- Feature
- File
- Graph
- Group
- HttpCookie
- HttpHeader
- Idp
- Image
- Job
- Kernel
- KeyValueObject
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metric
- Mitigation
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- ResourceDetails
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- FtpActivity
- RegValue
- WinResource
- WinService
- PrefetchQuery
range: string
required: true