CIS Security Benchmarks

The CIS Security Benchmarks program provides vendor-agnostic, consensus-based best practices to help organizations assess and improve their security. Resources include:

  • secure configuration benchmarks
  • automated configuration assessment tools and content
  • security metrics
  • security software product certifications

The Security Benchmarks program is an independent authority that helps both public and private industry experts collaborate and find consensus on practical cybersecurity solutions. Our resources are used by organizations worldwide to help meet compliance requirements for FISMA, PCI, HIPAA and more. Learn more about CIS Security Benchmarks and compliance.

Community Approach

The CIS Security Benchmarks program aims to raise the level of security and privacy in Internet-connected systems, and to ensure the integrity of technical systems on which society increasingly depends. We achieve this through the collaboration of our Consensus Community. Around every CIS Security Benchmark, there’s a group of IT security experts volunteering their knowledge and experience to develop best-practice guidance for the global Internet community. Join a Consensus Community today.

The success of this program is also thanks to the strength of our Security Benchmarks Member community. Security Benchmarks Members include companies of all sizes, government agencies, colleges and universities, nonprofits, IT consultants, and security software vendors. Learn more about CIS Security Benchmarks Membership.

The tremendous commitment to excellence and collaboration through which our Consensus Community and Security Benchmarks Members operate is instrumental in our collective success.

CIS Security Benchmarks Terms of Use 
CIS Security Benchmarks Logos & Trademarks