Yugabyte Announces CIS Benchmark for YugabyteDB to Elevate Data Security Standards

First Distributed SQL Database Vendor to Complete the Benchmark

Yugabyte, the distributed PostgreSQL database company for cloud native applications, today announced that the Center for Internet Security (CIS) has published a security benchmark for the YugabyteDB database in collaboration with the Yugabyte security team. The new YugabyteDB CIS Benchmark introduces users of the open source database to security configuration and operational best practices to better protect their business-critical data, reduce the probability of data compromise, and enhance their cybersecurity posture.

CIS benchmarks provide globally recognized best practices to guide security practitioners in effectively configuring, implementing and managing their cybersecurity defenses. Publishing the CIS Benchmark for YugabyteDB underscores Yugabyte’s commitment to enabling our customers to define, implement, and follow a comprehensive security program using their high-performance distributed PostgreSQL database solution.

“As the digital landscape evolves, ensuring the utmost security and performance of your database is crucial,” said Maurice Olsen, Sr. Director, Information Security and Compliance at Yugabyte. “The CIS Benchmark for YugabyteDB showcases our commitment to meeting stringent industry security standards, as we provide our customers with a secure, highly performant, and resilient database, capable of safely managing a large volume of critical data.”


CIS BenchmarksTM are consensus-developed secure configuration guidelines for hardening operating systems, servers, cloud environments, and more. The CIS Benchmarks include more than 100 configuration guidelines across 25+ vendor product families. Benchmarks are created through a unique consensus-development process, where subject matter experts, security professionals, and technologists from around the world contribute to the development to help protect systems against threats more confidently.

The CIS Benchmark for YugabyteDB was a collaborative effort between Yugabyte and the Center for Internet Security and offers a comprehensive and actionable plan to ensure robust security and compliance. The benchmark provides enterprises with tailored, comprehensive security guidelines, protection against emerging security challenges, and tools to meet stringent security standards.


“As technology continues to evolve, so do the cybersecurity risks that users face. That’s why secure configuration using the CIS Benchmarks is so important; it helps the larger cybersecurity community as a whole,” said CIS Executive Vice President & General Manager, Security Best Practices, Curtis Dukes. “We look to continue building on secure configuration Benchmarks with technology vendors like Yugabyte.”


As a cutting-edge, open-source distributed PostgreSQL database designed to meet the demands of modern, globally distributed applications, YugabyteDB combines the familiarity of PostgreSQL with the scalability and resilience required for cloud native environments. To learn more about the CIS Benchmark for YugabyteDB, please visit the Yugabyte Security and Trust Center: https://www.yugabyte.com/trust/.  You can also find out more about the process behind the new CIS Benchmark for YugabyteDB here: https://www.yugabyte.com/blog/cis-benchmark/.


About Yugabyte:

Yugabyte is the company behind YugabyteDB, the open-source, high-performance distributed SQL database for building global, cloud-native applications. YugabyteDB serves business-critical applications with SQL query flexibility, high performance, and cloud-native agility, thus allowing enterprises to focus on business growth instead of complex data infrastructure management. It is trusted by companies in cybersecurity, financial markets, IoT, retail, e-commerce, and other verticals. Founded in 2016 by former Facebook and Oracle engineers, Yugabyte is backed by Lightspeed Venture Partners, 8VC, Dell Technologies Capital, Sapphire Ventures, and others. Learn more information at www.yugabyte.com.


About The Center for Internet Security® (CIS®)

The Center for Internet Security® (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS BenchmarksTM, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities, and the Elections Infrastructure Information Sharing and Analysis Center® (EI-ISAC®), which supports the rapidly changing cybersecurity needs of U.S. elections offices. To learn more, visit CISecurity.org or follow us on Twitter: @CISecurity.