Hello BigFix Community,
We are pleased to announce the release of a new compliance checklist within BigFix Compliance, designed to support the NIS2 Directive (EU) 2022/2555.
As organizations across the European Union, and those doing business with them, prepare for the heightened cybersecurity requirements of NIS2, we are expanding our library to help you automate and audit technical controls effectively.
What is the NIS2 Compliance Checklist?
The NIS2 Compliance Checklist is a specialized content pack designed to assess compliance against the technical requirements of Directive (EU) 2022/2555 for Windows Workstations.
This release aggregates relevant checks from widely recognized benchmarks (CIS) and maps them directly to the specific risk-management measures mandated by Article 21(2). This allows you to enforce security configurations and audit your environment against European cybersecurity standards.
Technical Snapshot
Here is a quick overview of the coverage provided in this release:
● Total Fixlets: 577
● Fixlets with Remediation: 575
● Parameterized Fixlets: 497
● Benchmark Sources: CIS
● Applies To: Windows Workstation 10 and 11
Scope of Coverage
The NIS2 Directive is broad, covering organizational and technical measures. This checklist focuses specifically on the technical controls that can be monitored and enforced via BigFix.
We currently support controls across 7 key categories, mapping directly to the following articles:
● Incident Handling (Check Count: 67)
○ (Article 21(2), point (b)) – Monitoring configurations that facilitate accurate logging and incident detection.
● Security in Network and Information Systems Acquisition, Development, and Maintenance (Check Count: 293)
○ (Article 21(2), point (e)) – Ensuring secure configurations and vulnerability management during system lifecycles.
● Cryptography (Check Count: 60)
○ (Article 21(2), point (h)) – Verifying encryption settings and cryptographic protocols.
● Access Control (Check Count: 144)
○ (Article 21(2), points (i) and (j)) – Auditing user rights, authentication policies, and privilege management.
● Asset Management (Check Count: 5)
○ (Article 21(2), point (i)) – Ensuring visibility and control over hardware and software assets.
● Environmental and Physical Security (Check Count: 4)
○ (Article 21(2), points (c), (e) and (i)) – Controls related to physical port security and screen locking mechanisms.
● Human Resources Security (Check Count: 4)
○ Article 21(2), point (i) – Implementing interactive logon messages to support security awareness and policy enforcement.
How to Get Started
The NIS2 Checklist for Windows Workstation is available now. To get started, please subscribe to the content from the NIS2 Checklist for Windows Workstation external site and deploy it to your desired endpoints.
To get started:
-
Enable and gather the NIS2 Checklist for Windows Workstation external site from the License Overview Dashboard.
-
Create a custom site using Create Custom Checks wizard.
-
Change the default parameters if required.
-
If you use custom sites, update your custom sites accordingly to use the latest content. You can synchronize your content by using the Synchronize Custom Checks wizard. For more information, see Using the Synchronize Custom Checks wizard
-
Subscribe all the relevant Windows Workstation (10/11) endpoints.
-
Run SCA import to get the compliance status reports.
More information:
To know more about the BigFix Compliance SCM checklists, please see the following resources:
● BigFix Forum:
https://forum.bigfix.com/c/release-announcements/compliance
● BigFix Compliance SCM Checklists:
https://bigfix-wiki.hcltechsw.com/wikis/home?lang=en-us#!/wiki/BigFix%20Wiki/page/SCM%20Checklists
We are committed to helping you stay compliant with the latest regulatory frameworks. If you have questions regarding specific checks or need assistance with implementation, please feel free to reply to this thread
.
– The BigFix Compliance team