CIS Tencent Cloud Foundation Benchmark V1.0.0
The Tencent Cloud Foundation CIS Benchmark, introduced in November, enables customers to deploy and operate workloads on Tencent Cloud securely using industry-recognized best practices. Developed in collaboration with the Center for Internet Security (CIS), it provides prescriptive guidance to assess, harden, and govern cloud environments against common security risks and misconfigurations.
By using the benchmark as a security baseline, customers can confidently build, validate, and maintain secure Tencent Cloud deployments while aligning with global security and compliance standards.

CIS Oracle SaaS Cloud Applications Benchmark V1.0.0
The Oracle SaaS Cloud Applications CIS Benchmark, launched in November, gives customers a practical security baseline for deploying and managing Oracle’s SaaS applications with confidence. Developed in partnership with the Center for Internet Security (CIS), this benchmark extends globally recognized, consensus-based security best practices into the SaaS layer of cloud operations, beginning with Oracle Fusion and EPM applications. cis-benchmark-for-oracle-saas
By adopting this benchmark, customers can assess, configure, and harden their Oracle SaaS environments against common security risks and misconfigurations. It offers prescriptive guidance on identity and access controls, configuration monitoring, logging, and other critical settings, helping teams reduce variation, support audit readiness, and align with widely adopted regulatory standards. Oracle Blogs
Using the benchmark as a security baseline enables organizations to build, validate, and maintain safer SaaS deployments—enhancing operational security and compliance posture across Oracle’s cloud applications.

CIS IBM Cloud Foundations Benchmark V2.0.0
CIS IBM Cloud Foundations Benchmark v2.0.0 is the next-generation version of the initial v1.0.0. While the foundational intent remains the same—helping customers securely configure IBM Cloud environments—the jump to v2.0.0 reflects a significant refresh with updated controls, modernized guidance, and deeper alignment with evolving cloud security and compliance expectations.
https://workbench.cisecurity.org/benchmarks/11688/change/log

CIS Google Kubernetes Engine (GKE) Benchmark V1.9.0
Following the CIS Google Kubernetes Engine (GKE) Benchmark v1.8.0 released in June 2025, the CIS GKE Benchmark v1.9.0, published in November 2025, brings an updated and more robust set of security recommendations tailored for Google Kubernetes Engine deployments. The newer version continues to provide prescriptive, consensus-based controls that help organizations secure their GKE clusters but expands and refines guidance to align with the latest GKE/Kubernetes platform advancements, streamlining essential controls, removing outdated items, and introducing new recommendations based on current security practices. By adopting v1.9.0, customers benefit from enhanced alignment with Google Cloud and CIS best practices, clearer prioritization of essential (Level 1) and advanced (Level 2) controls, and improved relevance for modern Kubernetes versions supported on GKE. This ensures that as Google’s managed Kubernetes evolves, organizations can assess and harden their clusters against contemporary threats and misconfigurations with up-to-date, actionable guidance.

CIS Google Kubernetes Engine (GKE) Autopilot Benchmark V1.3.0
The CIS Google Kubernetes Engine (GKE) Autopilot Benchmark v1.3.0 provides customers with a clear, industry-recognized security baseline for running workloads on GKE Autopilot. Developed by the Center for Internet Security (CIS), the benchmark delivers prescriptive best practices focused on the security configurations that customers can control in Autopilot mode, such as workload settings, identity and access management, and policy enforcement. By adopting this benchmark, organizations can confidently assess and strengthen the security posture of their Autopilot clusters while aligning with globally accepted Kubernetes and cloud security standards.

CIS Oracle Cloud Infrastructure Container Engine for Kubernetes(OKE) Benchmark V1.8.0
Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) is a fully managed Kubernetes service on Oracle Cloud that lets you deploy, scale, and manage containerized applications using the open-source Kubernetes orchestration platform.
The CIS Oracle Cloud Infrastructure Container Engine for Kubernetes (OKE) Benchmark v1.8.0 is a security configuration standard published by the Center for Internet Security (CIS) that provides industry-recognized best practices for hardening OKE clusters.

CIS Apple iPadOS 18 Benchmark V2.0.0
The CIS Apple iPadOS 18 Benchmark v2.0.0 is a security configuration standard developed by the Center for Internet Security (CIS) to help organizations and users harden Apple iPads running iPadOS 18 according to globally recognized best practices. This updated version reflects the latest advancements in the operating system and provides prescriptive guidance for secure settings that reduce risk, support compliance, and protect sensitive data on mobile devices. By adopting this benchmark, customers can confidently configure iPadOS 18 devices to meet strong security baselines and defend against emerging threats in enterprise and personal environments.

CIS Apple iOS 18 Benchmark V2.0.0
The CIS Apple iOS 18 Benchmark v2.0.0 is a security configuration standard from the Center for Internet Security (CIS) that helps organizations and individuals securely configure Apple devices running iOS 18. Building on earlier benchmark versions, this updated release reflects the latest features and changes in iOS 18 and provides prescriptive, globally recognized best practices for device settings, access controls, and privacy protections. By following this benchmark, users can establish a strong security baseline, reduce exposure to threats, and align their mobile security posture with industry-accepted standards.