CIS SecureSuite Product Membership

Membership allows product vendors the right to integrate the CIS SecureSuite content into their security software assessment and/or remediation product(s) and offering(s) and eligibility for CIS Benchmark Certification. Additionally, CIS offers Product Conformance Certification, which allows product vendor eligibility to certify a security product(s) adaptation to conform with security recommendation of a CIS Benchmark. In order to represent the software, product or offering as being CIS certified and/or use the CIS Security Software Certification Trademark in conjunction with the product or offering CIS Certification must be awarded. See Security Software Certification Overview below. Once awarded certification, a dedicated webpage on the CIS website is provided to market certifies products. Membership also allows vendors with security consultants, hosting, cloud and/or managed services products/offerings to use the CIS SecureSuite resources in consulting engagements with external customers and to secure client data in hosted, cloud, and/or managed services environments. A membership agreement is required and all use(s) will be incorporated as applicable to the organization.

 Annual Membership Fees based on Annual Revenue*

Annual Revenue Range

Annual Membership Fee

$1B +

$30,000

$100M - $999M

$25,000

$10M - $99M

$20,000

$1M - $9M

$15,000

$0k - $999K

$9,500

* Pricing in U.S. dollars. Subject to change. Annual revenue is verified using publicly available information.

Enroll Now

A membership agreement is required to use and incorporate the CIS SecureSuite resources into vendor products and offerings. The term of the membership and the agreement is one year from the date of execution. 

Please note that the CIS SecureSuite Terms of Use prohibit the public from redistributing the resources and/or from using them for any commercial purposes other than the uses in your membership category. This ensures that members are always working with the latest versions of the CIS SecureSuite resources that have been developed through the CIS consensus process. 

To learn more about this membership level and to request a copy of the agreement contact us.

Product Vendor Certification

Product Vendor Member language

As a CIS SecureSuite Product Vendor who has been awarded CIS Benchmarks Certification you may use the CIS Certified Logo and state the following:

MEMBER is a CIS SecureSuite product vendor member at CIS. MEMBER has incorporated the CIS Benchmarks resources and best practices in our products to measure and improve the security posture of our customers and has been awarded CIS Benchmarks Certification for the product(s) listed here:[INSERT DEDICATED CIS VENDOR PRODUCT CERTIFICATION PAGE LINK]

As a CIS SecureSuite Product Vendor who uses the CIS Benchmarks and/or CIS Controls and has not been awarded CIS Benchmarks Certification you may state the following:

MEMBER is a CIS SecureSuite product vendor member. As part of this community, MEMBER has access to consensus security configuration benchmarks, software, CIS Controls, metrics, and discussion forums where MEMBER is an integral stakeholder in collaborating on security best practices. MEMBER leverages these resources and best practices to measure and improve our organization's security posture.

Certification Overview

Certification includes the incorporation of the CIS Controls into your product and the right to market it as such. Includes rights to redistribute CIS Controls to customers through product - no redistribution through website, portal, etc. Can redirect customers to CIS website to download CIS Controls as well.

Incorporation of and/or attesting conformance of CIS Benchmarks in a product and marketing as such - Certification Required - includes redistribution of certified benchmarks to customers through offering /product - no redistribution through website, portal, etc. Use of CIS Certified Logo.

Membership allows product vendor companies eligibility for CIS Certification to use the CIS Benchmark content in their products and offerings.

CIS SecureSuite Membership allows vendor members to obtain up to 50 product certifications each year. Those members may also purchase additional bundles of 10 certifications for $5,000 that may be used across annual membership periods.

Independent companies develop CIS-certified software tools. They are business entities that have no agency, partnership, or joint-venture relationship with the CIS Benchmarks. Some make their software commercially-available to IT service and consulting companies, as well as corporate and government end users. Others utilize proprietary software in the delivery of secure IT services to their customers.

CIS certified products have been tested to accurately measure and report the conformity of computer configurations and/or remediate with the technical settings and actions defined in the CIS Benchmarks.

These companies share a common commitment to provide software and/or product that:

  • Monitors system security, thus helping their customers maintain CIS Benchmarks recommended system security configurations.
  • Reports how systems measure up to the CIS Benchmarks' configuration recommendations.
  • Produces security configuration scores, establishing a basis for setting performance goals, measurably improving system security, and reporting security status to customers and business partners.
  • Remediates a customers' system's conformance to CIS Benchmarks recommended security configurations.
  • Adapts to CIS Benchmarks' configuration recommendations.

Why Certify?

By obtaining CIS Certification of your security software product(s) you will:

  • Be recognized as a Product Vendor that provides CIS-Certified security software.
    You will be authorized to display the CIS Benchmarks "Certified" Logo in your product marketing program. Learn more about the CIS Security Software Certification Mark.

  • Improve customer identification and brand recognition of your security product(s).
    There are more than 20,000 unique visitors to the CIS website every month for configuration security information and authoritative resources. The site features a URL that profiles CIS Certified security tools and provides a link to your company website.

How to Certify with CIS

To obtain CIS Certification of its software and/or product concormance, a company must have an executed agreement in place and meet the requirements listed in the workflow documentation for certification at the time of certification. Compliance with requirements defined in the workflow documentation must be continuously maintained during the CIS Certification process.

Certification for Assessment Product

Certification for Remediation Product

Certification for Product Conformance

For more information about the testing and certification process, or to initiate CIS SecureSuite Product Vendor Certification for your company's security software product(s), contact us.