- Why Should My Company's Product(s) Be Certified?
- How Can My Company's Product(s) Get Certified?
- CIS Security Benchmarks Certification Information Packet
- For More Information
CIS Security Software Vendor Members (Annual Membership Fee - $20,000)
Membership allows security software vendor companies eligibility for CIS Software Certification to use the CIS benchmark content in their products. Membership also allows security consultants and auditors to use the CIS resources in consulting/auditing engagements with external customers.
CIS Security Software Vendor Membership allows a vendor member to obtain up to 50 product certifications each year, and those members may also purchase additional bundles of 10 certifications for $5,000 that may be used accross annual membership periods.
Independent companies develop CIS-certified software tools. They are business entities that have no agency, partnership, or joint-venture relationship with the CIS Security Benchmarks Division. Some make their software commercially available to IT service and consulting companies, as well as corporate and government end users. Others utilize proprietary software in the delivery of secure IT services to their customers.
CIS certified security software tools have been tested to accurately measure and report the conformity of computer configurations with the technical settings and actions defined in the Benchmarks.
CIS Security Software Vendor Members may also use the CIS resources in consulting/auditing engagements with external customers upon signed agreement of a CIS Organizational Consulting Agreement. To learn more about this agreement type, please visit here.
These companies share a common commitment to provide software that:
Your company's security tools should be CIS-certified if:
By obtaining CIS certification of your security software product(s) you will:
- Be recognized as a Security Software Vendor that provides CIS-Certified security software.
You will be authorized to display the CIS Security Benchmarks Software "Certified" Logo in your product marketing program. Learn more about the CIS Security Software Certification Mark.
- Improve customer identification and brand recognition of your security product(s).
There are more than 20,000 unique visitors to the CIS website every month for configuration security information and authoritative resources. The site features a URL that profiles CIS Certified security tools and provides a link to your company website.
To obtain CIS Certification of its software products, a company must meet the requirements listed below at the time of certification. Compliance with the following requirements must be continuously maintained during the CIS Certification process.
- Internal testing reports that explain the company's testing methodology and which definitively demonstrate that the submitted version(s) of the Security Software Tool(s) accurately checks/scores/reports as compared to the Benchmark(s) version(s) security configuration recommendations; and
- One copy of the Security Software Tool that is to be CIS Certified.
Upon receipt of the Security Software Certification Application, test report documentation, and the Security Software Tool, the CIS Security Benchmarks Division will review the Application and notify the company as to whether it has obtained CIS Certification for its Security Software Tool. CIS reserves the right to conduct independent testing on the Security Software Tool at any time before or after an award of CIS Security Benchmarks Certification.
To apply to have your organization's security software product(s) certified, download and fill out the CIS Security Benchmarks Certification Information Packet. This packets includes the following:
For more information about the testing and certification process, or to initiate CIS Security Benchmarks Certification for your company's security software product(s), contact us.