CIS Security Benchmarks Membership
Security Expertise Made Affordable
Few companies, government agencies or institutions have the expertise to develop thorough and effective security configuration policies for all of their systems. CIS Security Benchmarks membership provides access to high quality, cost-effective resources. The CIS Benchmarks are a widely-accepted standard against which to compare an organization's technical control policies. The CIS Benchmarks are based on expert consensus and are widely accepted by U.S. government agencies for FISMA compliance, and by auditors for compliance with ISO standards as well as PCI, GLB, SOX, HIPAA, and other the regulatory requirements for information security.
- Benefits of CIS Security Benchmarks Membership
- Who should become a CIS Security Benchmarks Member?
- What are the different categories of membership?
- Do colleges and universities pay discounted membership fees?
- Who are the current CIS Security Benchmarks Members?
- Membership registration forms
For more information about membership, contact CIS Security Benchmarks at email@example.com.
CIS Security Benchmarks Membership gives you the most complete access to all that CIS has to offer. Benefits include:
1. Access to the CIS-CAT Benchmark Assessment Tool, which analyzes the configuration of target systems and returns a score between 1-100 for Benchmark conformity. Report details make it easy to identify which aspects of a target system are out of compliance with a Benchmark. To learn more about CIS Benchmark Assessment Tools, click here.
- A command line version that eases deployment of the tool for scoring networked systems
- A version that reads customized input files, enabling you to compare the configuration of your systems with both the CIS Benchmarks and your organization's security configuration policies
- Ability to scan multiple systems
- Dashboard Reporting Capability
- NIST FDCC Validated Scanner (SCAP 1.0)
- Compatible with NIST's USGCB Windows 7 Content
- User Guide and XML Customization Guide included
2. The right to distribute the Benchmarks, Benchmark Assessment Tools, and Consensus Security Metrics within your organization.
3. Access to the CIS Security Benchmarks Members Website, including:
- Development versions of new Benchmarks, CIS-CAT, Benchmark XML files, and other resources which are not available to the general user community
- Word and Excel versions of Benchmarks
- A guide for modifying Benchmark XML files for use in CIS-CAT to enable the scanning of member-customized configuration policies that are derived from the Benchmarks
- Access to benchmarks in XCCDF format, which facilitates automated configuration assessment
- Automated remediation content for implementing and assessing Benchmark guidance, including;
- GPOs for Windows 7 & 8 and Windows Server 2008 & 2012 and Internet Explorer 10
- AIX 5.3 and 6.1 XML for use with AIXPERT
- HP-UX 11i Bastille Configuration
- Tutorials and webcasts
- Member only discussion areas
4. Timely electronic notification of updates to the Benchmarks, Benchmark Assessment Tools, and Consensus Security Metrics.
5. Enhanced Benchmark and Assessment Tool support from staff and developers. Security Benchmarks Members benefit from direct technical support, as well as access to documentation contained in the Members area website. For more information about support, click here.
6. Visibility of your organization's tangible commitment to Internet security through its inclusion in the Roster of Members on the CIS website and promotional materials. To see the current Roster of Members, click here.
7. The right to use the CIS Security Benchmarks Membership Mark on your organization's website and documents, establishing its status as a leader in formulating better security standards for systems connected to the Internet. For information about all CIS marks and usage guidelines, click here.
8. Additional Rights and Benefits for all Universities:
- Use of CIS Security Benchmarks resources in the classroom environment for educational purposes.
9. Additional benefit for security software vendors:
- Eligibility for CIS Security Benchmarks Software Certification (available only for software vendors enrolled as CIS Security Benchmarks Software Certification members). See a list of CIS Certified Software Products. For information about all CIS marks and usage guidelines, click here.
10. Additional benefit for IT consultants:
- Eligibility to use the CIS Security Benchmarks resources on consulting/auditing engagements. This is available only to CIS Security Software Certification members and IT Security Consultant and Auditor members. Learn more about the Consulting Use Membership Agreement.
- Users and Organizations who depend on their IT systems being secure and reliable.
- Auditors who work to verify the security of clients' automated IT systems in a way that is consistent with their audits of other standards-based business processes.
- IT Consultants who help clients improve their system security configurations to levels that are widely accepted as prudent due care or best practice.
- Security Software Vendors who market commercially available tools that assess and report the conformance of system security configurations with the settings and actions defined in CIS benchmarks.
- ISPs, Web Hosting Companies, Business-to-Business e-Commerce Exchanges, and others who have a direct stake in minimizing their customers' risk of business disruptions and cyber crime.
- Insurance Companies that aim to minimize the underwriting risk associated with the information assets of the businesses they insure.
- Network security specialists, firewall administrators, and others whose job it is to ensure the confidentiality, privacy, integrity, and availability of information assets under their custodial care.