VSI uses tools that have been certified by the Center for Internet Security (CIS) to perform a wide variety of Unix, Windows and application audits based on "best practice" consensus guides developed by CIS.
These best practice guides contain security hardening guidelines designed to harden your servers and applications from attack while still maintaining operational ease of use. Each guide is developed in coordination with academia, industry, government and vendor participants. The guides are published in PDF format and available to the entire Internet community free of charge.
VSI uses Nessus audit policies for specific CIS "best practice" guides and then submits our test criteria and audit results for analysis by CIS personnel for official certification.
Nessus has produced CIS policies for a variety of:
Applications
Desktop Operating Systems
Server Operating Systems
SQL Databases