CEM for Linux
You can deploy the Compliance Enforcement Module (CEM) for Linux to help ensure that your servers on Linux operating systems comply with security recommendations. You can enforce the controls that are specified by the Center for Internet Security (CIS). Alternatively, you can apply the standards published in the US Defense Information Systems Agency (DISA) Security Technical Implementation Guides (STIGs).
To get started, review the basic concepts and then follow the instructions to deploy CEM in your environment. See Getting started.