Terms Of Use



  • Use PDF Benchmarks in accordance with


  • SB Products Provided As Is. CIS is providing the SB Products “as is” and “as available” without: (1) any representations, warranties, or covenants of any kind whatsoever (including the absence of any warranty regarding:  (a) the effect or lack of effect of any SB Product on the operation or the security of any network, system, software, hardware, or any component of any of them, and (b) the accuracy, utility, reliability, timeliness, or completeness of any SB Product); or (2) the responsibility to make or notify you of any corrections, updates, upgrades, or fixes.
  • Intellectual Property and Rights Reserved.  You are not acquiring any title or ownership rights in or to any SB Product, and full title and all ownership rights to the SB Products remain the exclusive property of CIS.  All rights to the SB Products not expressly granted in these Terms of Use are hereby reserved.
  • Restrictions.  You acknowledge and agree that you may not: (1) decompile, dis-assemble, alter, reverse engineer, or otherwise attempt to derive the source code for any software SB Product that is not already in the form of source code; (2) distribute, redistribute, sell, rent, lease, sub license or otherwise transfer or exploit any rights to any SB Product in any way or for any purpose; (3) post any SB Product on any website, bulletin board, ftp server, newsgroup, or other similar mechanism or device; (4) remove from or alter these CIS SecureSuite Terms of Use on any SB Product; (5) remove from or alter any proprietary notices on any SB Product;  (6) use any SB Product or any component of an SB Product with any derivative works based directly on an SB Product or any component of an SB Product; (7) use any SB Product or any component of an SB Product with other products or applications that are directly and specifically dependent on such SB Product or any component of an SB Product for any part of their functionality; (8) represent or claim a particular level of compliance or consistency with any SB Product; or (9) facilitate or otherwise aid other individuals or entities in violating these CIS SecureSuite Terms of Use.
  • Your Responsibility to Evaluate Risks.  You acknowledge and agree that:  (1) no network, system, device, hardware, software, or component can be made fully secure; (2) you have the sole responsibility to evaluate the risks and benefits of the SB Products to your particular circumstances and requirements; and (3) CIS is not assuming any of the liabilities associated with your use of any or all of the SB Products.
  • CIS Liability.  You acknowledge and agree that neither CIS nor any of its employees, officers, directors, agents or other service providers has or will have any liability to you whatsoever (whether based in contract, tort, strict liability or otherwise) for any direct, indirect, incidental, consequential, or special damages that arise out of or are connected in any way with your use of any SB Product.
  • Indemnification.  You agree to indemnify, defend, and hold CIS and all of CIS's employees, officers, directors, agents and other service providers harmless from and against any liabilities, costs and expenses incurred by any of them in connection with your violation of these CIS SecureSuite Terms of Use.
  • Jurisdiction.  You acknowledge and agree that:  (1) these CIS SecureSuite Terms of Use will be governed by and construed in accordance with the laws of the State of New York; (2) any action at law or in equity arising out of or relating to these CIS SecureSuite Terms of Use shall be filed only in the courts located in the State of New York; and (3) you hereby consent and submit to the personal jurisdiction of such courts for the purposes of litigating any such action.
  • U.S. Export Control and Sanctions laws.  Regarding your use of the SB Products with any non-U.S. entity or country, you acknowledge that it is your responsibility to understand and abide by all U.S. sanctions and export control laws as set from time to time by the U.S. Bureau of Industry and Security (BIS) and the U.S. Office of Foreign Assets Control (OFAC).


  • Distribution of SB Products by Member.  CIS hereby grants to each Member in good standing the right to distribute the SB Products within such Member's own organization, whether by manual or electronic means.  Each such Member acknowledges and agrees that the foregoing grants in this paragraph are subject to the terms of any membership arrangement with CIS and may, therefore, be modified or terminated by CIS at any time. 
  • Membership Agreement.  For those CIS Members whose membership is governed by a membership agreement, in addition to these Terms of Use, Member shall be subject to the terms and conditions of that membership agreement.  To the extent any conflict exists between these Terms of Use and the terms of a Member's membership agreement, the terms of the membership agreement shall apply. 
  • No Reimbursement of Membership Fees.  In the event that a CIS SecureSuite Member terminates its membership prior to the end of the term of the membership, Member shall not be entitled to any reimbursement of membership fees or certification fees, unless: (1) Member terminates its membership for cause under the terms of its membership agreement; or (2) CIS terminates Member's membership for convenience, in which case CIS shall reimburse Member a Prorated amount of the Member's membership fee and any unused certification fees, if applicable. 


CIS Configuration Assessment Tool (CIS-CAT) Consulting Engagement Membership Terms of Use

The CIS-CAT Consulting Engagement Membership is for the use of CIS-CAT in consulting engagements only, and by one named consultant/individual within a consulting/audit firm only, and not for internal organizational use.  This membership is governed by the following Terms of Use. 

  • The following additional terms and conditions:
    • CIS-CAT usage shall be for use on your client systems only as part of a consulting engagement, and may not be used internally within your organization or business.
    • CIS-CAT usage shall be limited to one designated individual/named consultant only.
    • CIS-CAT Documentation includes, but is not limited to CIS-CAT Users Guide, CIS-CAT XML Customization Guide, CIS-CAT Tutorials, Help Options and any other associated documents contained in the CIS-CAT download file.
    • CIS SecureSuite staff support is available by email only for help downloading, running and/or reporting bugs/errors related to CIS-CAT as part of the membership benefits of a CIS-CAT Consulting Engagement Membership.  CIS Security Benchmarks staff support for implementing and/or customizing the tool is not included.  CIS-CAT Documentation is available to support the use and customization of the tool.
    • Your CIS-CAT Consulting Engagement Membership will begin upon completion of payment and will expire 30 days thereafter.  Following receipt of payment, an email will be sent to you with information to access CIS-CAT and CIS-CAT Documentation.  The details of your start date and expiration date will also be included.  If within 30 days following the expiration of this membership period, your company wishes to purchase an annual Organizational Consulting or Named Consultant SecureSuite membership, CIS will credit the $495 CIS-CAT Consulting Engagement Membership Fee towards that annual membership fee.
    • To the extent any conflict exists between these CIS-CAT Consulting Engagement Membership Terms of Use and the CIS SecureSuite Terms of Use, the terms and conditions of the CIS-CAT Consulting Engagement Membership Terms of Use shall apply.