Product Vendor

The CIS SecureSuite Product Vendor Membership allows organizations the right to incorporate CIS Benchmarks and CIS Controls into their security products and service offerings. It is inclusive of Consulting and Services use as well, which consists of using resources on client machines to assist with auditing or consulting engagements.

This Membership offers the opportunity to obtain CIS Certification for your products and offerings and the option to obtain CIS Controls accreditation.

Integration options may include CIS Benchmarks Assessment, Remediation, and/or Configuration certifications. Certification confirms your tools accurately assess environments and report findings against CIS Benchmark recommendations correctly. Certification options are listed below.

CIS Controls accreditation offers service providers a “stamp of approval” at the organization level, assuring that their customers can feel confident that they are doing business with a reputable and reliable CIS Controls assessment organization. 


CIS Product Vendor Membership Benefits

  End User
Services and
Product Vendors
Unlimited access to all CIS SecureSuite Membership resources, including CIS Benchmarks and CIS Controls  checkmark  checkmark  checkmark
Ability to develop custom configuration policy using CIS WorkBench  checkmark  checkmark checkmark
Access to configuration assessment tool CIS-CAT Pro Accessor and Dashboard  checkmark  checkmark checkmark
Access to CIS-CAT Pro, a CIS Controls self-assessment tool  checkmark  checkmark checkmark
CIS SecureSuite Member Update detailing new and updated CIS resources  checkmark  checkmark checkmark
CIS SecureSuite technical product support  checkmark  checkmark checkmark
Company listing on CIS website as CIS SecureSuite Member  checkmark  checkmark checkmark
Use of CIS SecureSuite Membership logo  checkmark  checkmark checkmark
Right to distribute the CIS SecureSuite resources throughout your organization  checkmark  checkmark checkmark
Eligible to use CIS SecureSuite resources (i.e. CIS-CAT Pro and CIS CSAT Pro) in consulting and auditing engagements  checkmark  checkmark checkmark
CIS-CAT Pro reports to share with your customers    checkmark   checkmark
Eligible to use the CIS SecureSuite resources to secure hosted environments or managed services    checkmark   checkmark
CIS Benchmark Certification      checkmark
CIS Controls Accreditation    checkmark  checkmark
Marketing Support      checkmark

View a full list of benefits


Use Cases

  • Vendor members may use the CIS SecureSuite resources in consulting engagements with external customers, in hosting/cloud/managed services environments and on their own internal systems.
  • Hardware products and offerings are not covered under this membership category. Please contact us to further discuss options and pricing for other use cases.
  • Incorporating CIS-CAT Pro or other CIS tools into a product or software is not permitted under the CIS SecureSuite Membership. Please contact us to further discuss options and pricing for possible tool integration.
  • Restrictions exist regarding use of and integration with CIS Hardened Images in cloud environments and providers. For any questions, contact us.


Contact us for pricing information


CIS Benchmarks Certification

CIS Certifies

  • The vendor has adapted its product to accurately assess and report to the security recommendations in the associated CIS Benchmarks version and profile(s). (CIS Benchmarks Assessment Certification)
  • The vendor has adapted the configuration of its product that contains a system to be in conformance with CIS Benchmark(s), assuring that the system’s performance will not be negatively impacted when product is running in a CIS hardened environment. (CIS Benchmarks Configuration Certification)
  • The vendor has adapted their product to have capability to push remediation script to end point to configure to align to CIS Benchmark(s) version and profile(s). (CIS Benchmarks Remediation Certification)

CIS Does Not Certify

  • Product(s) that assess/score against the CIS Controls.
  • Software certification for a product or offering that extends beyond the ability to test conformance to a CIS Benchmark.
  • Whether a company’s IT infrastructure is CIS hardened.
  • Whether a company’s hosting environment is CIS hardened and/or is in conformance with a CIS Benchmark or the CIS Controls

More about the CIS Benchmark Certification Processes

CIS Controls Accreditation

  • Accreditation offers the ability to provide CIS Critical Security Controls implementation, auditing, and/or assessment with the assurance that the organization has met the consistent and rigorous standards of CREST certification
  • Details of the individuals performing assessments are captured to help assure that the organization is reputable, adheres to the code of conduct, and has a robust process for training staff to perform implementation/audit/assessments of CIS Controls

More about the CIS Controls Accreditation Process

Marketing Opportunities

  • You may release and market your product(s) with the corresponding CIS Benchmarks Certified Badge and state that the product had received the denoted certification only after the respective product(s) has been awarded CIS Certification.
  • You may market your organization with the corresponding CIS Controls Accredited badge only after your organization has been awarded the Accreditation.
  • CIS will add/update your dedicated vendor profile page on the CIS website to reflect any Certifications(s) or Accreditation awarded. See list of vendor pages.
  • CIS can provide pre-approved language for use in communications.
  • CIS will collaborate with the member to create a case study to be published on the CIS website, and cross-promoted by both CIS and the member.
Review CIS SecureSuite Membership Terms of Use
CIS SecureSuite Membership logo  
Ready to enroll?
Have questions about membership?
Contact us