By granting the bench container high levels of privilege to the host file system, network namespaces, and more, the container executes a scan to run all available CIS tests on the host, and will also output logs in the current directory. By running these tests, we can see how we stand up against the standards set by the Center for Internet Security.