Downloading and Using CIS-CAT Benchmarks Tool

Audience: Faculty, Staff, Students and Teaching Assistants

This KB Article References: Cyber Security
This Information is Intended for: Faculty, Staff, Students, Teaching Assistants
Last Updated: November 29, 2017

CIS (Center for Internet Security) is a nonprofit organization focused on enhancing cyber security for both the private and public sector through collaboration. CIS publishes a series "benchmark" standards - a list of all the features and settings that your system should have enabled/disabled to optomize security. CIS creates these benchmarks for a wide variety of operating systems. CIS-CAT - a CIS-made tool - compares your system’s configuration to the benchmark “security standard” and produces a report. With this tool, you can discover potential issues with your computer’s security before they escalate into more severe problems. 

Downloading CIS-CAT 

  1. First you will have to register here. Membership is free to those who subscribe with an @stonybrook.edu address.
  2. After filling out your personal information, and clicking register, you will have to go to your registered email and click the registration link.
  3. After clicking the registration link, you will be sent another email. This email will instruct you on how to create a password for your CIS Community account, as well as how to access the downloads that are available to you. Follow the link in the email to the CIS login page.
  4. Enter your email and your password (provided in the last email) into the fields. It will then prompt you to make  a new password.
  5. After you’ve created your password, you will be taken to your account page. On the top right of the page there are a series of icons. Click on the one that says “Downloads”.
  6. This will take you to a list of all the available benchmark downloads. Select the one that you need. Clicking on it will begin the download. 

Running CIS-CAT

Video Tutorial 

  1. Unzip the file that you downloaded.
  2. Run the executable(.exe) file within the unzipped folder.
  3. The Configuration Assessment Tool will then pop up. Select the benchmark that you want to scan for.
  4. It will then prompt you to pick a profile. Pick whichever profile you are currently working with.
  5. After you’ve selected your profile, the program will begin running its scan. Allow it to run uninterrupted.
  6. Once the scan is complete it will display a window summarizing the results of the scan.
  7. You can click on any of the descriptions to investigate the issue further. It is advised that you correct any issues marked “fail” as these indicate a breach in your system’s security.

Slide Deck

For a more visual-based guide to downloading and running CIS-CAT, view the presentation below.  

Getting Help


The Division of Information Technology provides support on all of our services. If you require assistance please submit a support ticket through the IT Service Management system.

Submit A Ticket

For More Information Contact


Customer Engagement and Support