Product Vendor

CIS SecureSuite Product Vendor Membership allows product vendors the right to integrate the CIS Benchmarks and the CIS Controls content into their security product and service offering(s).  In order to incorporate and market the CIS Benchmarks as part of a product offering, CIS Certification must be awarded to denote conformance with the CIS Benchmark. Fifteen (15) CIS Benchmark Certifications are included in a membership year. All product vendors interested in using CIS Benchmarks and CIS Controls commercially must obtain a CIS SecureSuite Membership.

CIS Product Vendor Membership Benefits

View a full list of benefits

Use Cases

  • Vendor members may use the CIS SecureSuite resources in consulting engagements with external customers, in hosting/cloud/managed services environments and on their own internal systems.
  • Remediation products, hardware products, and other offerings, are not covered under this Membership category. Please contact us to further discuss options and pricing for other use cases.
  • Incorporating CIS-CAT Pro or other CIS tools into a product or software is not permitted under the CIS SecureSuite Membership. Please contact us to further discuss options and pricing for possible tool integration.
  • Restrictions exist regarding use of and integration with CIS Hardened Images in cloud environments and providers.  For any questions, contact us.


Annual membership fees based on enrolling organization's annual revenue*:

Annual Revenue Range Annual Membership Fee
$500M+ $80,000
$100M - $499M $60,000
$10M - $99M $40,000
$1M - $9M $20,000
$250K - $999K $12,000
$0 - $249K $6,000

*Pricing in USD. Subject to change.

CIS Certifies

  • A vendor’s security software product’s ability to assess a system’s conformance to a specific CIS Benchmark (Assessment Option).
  • A product that contains a system (i.e., Operating System) for which CIS offers a CIS Benchmark whereas that system has been configured in accordance to a specific CIS Benchmark and can be assessed for conformance to the CIS Benchmarks (Product Conformance Option).

CIS Does Not Certify

  • A product’s ability to remediate a system to be in conformance with a specific CIS Benchmark (Remediation Option).
  • Product(s) that assess/score against the CIS Controls.
  • Software certification for a product or offering that extends beyond the ability to test conformance to CIS Benchmark.
  • Whether a company’s IT infrastructure is CIS hardened.
  • Whether a company’s hosting environment is CIS hardened and/or is in conformance with a CIS Benchmark or the CIS Controls

Marketing Opportunities

  • You may release and market your product(s) with the CIS Benchmarks Certified logo and state that the product is CIS Certified only after the respective product(s) has been awarded CIS Certification.
  • CIS will add/update your dedicated webpage on the CIS website to reflect any Certification(s) awarded. See list of vendor pages.
  • CIS will provide pre-approved language for to use in communications.
  • CIS will review any written or webinar CIS-related content to ensure accuracy of material and that branding/trademarks are used appropriately.
  • CIS will collaborate with the member to create a case study to be published on the CIS website, and cross-promoted by both CIS and the member.
  • If you are interested in any joint marketing efforts, please contact your CIS SecureSuite Member Success Account team member.

More about the CIS Benchmark Certification Processes

Arrow Review CIS SecureSuite Membership Terms of Use

CIS SecureSuite Membership logo


Ready to enroll?


Have questions about membership?
Contact us