Product Vendor

CIS Product Vendor Membership Benefits

• The ability to promote your integration of CIS best practices through a dedicated profile page on the CIS website
• Exclusive rights for CIS Benchmarks Certification, ensuring your products accurately assess, remediate for, and/or are configured to the CIS Benchmarks
• Tier one technical product support
• A dedicated CIS Account Manager
• For select tiers, Technical Account Manager services
• All of the benefits and licensing rights of CIS SecureSuite End User Membership 
• All of the benefits and licensing rights of CIS SecureSuite Services and Consulting Membership, including eligibility to obtain CIS Controls Accreditation 

In addition to these benefits and rights, Product Vendor Membership is the only CIS SecureSuite Membership that includes marketing support.

Marketing and Branding Benefits

CIS Provides:

• A dedicated vendor profile page on CIS’s website, which includes Member logo, Member tool name, Member website homepage URL, CIS Benchmarks Certification status, and/or CIS Controls Accreditation status
• Permission to use specialized, applicable CIS SecureSuite Product Vendor Member badges
• Templates for press releases and approved marketing language
• One 30-minute Marketing consultation to review CIS pre-approved marketing materials, marketing language, and suggested marketing activities to use the pre-approved materials and language
• Content and messaging review of one piece of Member-written marketing content on CIS-related products per year
• CIS subject matter expert (SME) to guest present at a Member-hosted webinar or mutually agreed upon industry event, once per year, pending CIS SME availability
• Engagement with Member’s CIS-related posts on LinkedIn or X (formerly known as Twitter), when Member tags the CIS account once per quarter.
• One case study published on the CIS website and cross-promoted

Additional benefits are available for select Membership Tiers (Tiers 6-8): 

• CIS subject matter expert (SME) to guest present at a Member-hosted webinar or mutually agreed upon industry event, total twice per year pending CIS SME availability
• Opportunity to contribute CIS subject matter expertise to Member-led marketing content on CIS-related products, such as a guide, blog post, or video, twice per year

CIS Benchmarks Integration

• Product Vendor Members commonly integrate CIS Benchmarks into their product offerings to provide capabilities such as configuration assessment, cloud security posture management, cloud native application protection, cloud workload protection, and many others.

CIS Controls Integration

• Product Vendor Membership also provides the ability to integrate the CIS Controls into product offerings to better support capabilities such as risk assessment, governance and compliance, and mapping various regulatory frameworks and standards.

Not Covered

• Hardware products and offerings are not covered under this Membership category. Please contact us to further discuss options and pricing for other use cases.
• The ability to integrate CIS-CAT^® Pro or other CIS tools into a product offering is not included under CIS SecureSuite Membership. Please visit our CIS OEM Partner Program to learn about further options and pricing for possible tool integration.
• Restrictions exist regarding use of and integration with CIS Hardened Images^® in cloud environments and providers. For any questions, contact us.

CIS Benchmarks Certification

CIS Benchmarks Certification differentiates Product Vendor Members integrating the CIS Benchmarks into their product offerings. The Certification establishes a sense of trust and validity to your customers and is required for all Product Vendor Members who integrate CIS Benchmarks.

CIS Benchmarks Certification Types

• CIS Benchmarks Assessment Certification certifies that an organization has a product that accurately assesses and reports the status of a system against the security recommendations in the associated CIS Benchmarks version and profile(s).
• CIS Benchmarks Remediation Certification certifies that an organization has a product with the capability to remediate endpoint(s) to align to the CIS Benchmarks, saving customers time by automatically configuring systems to the CIS Benchmarks as well as helping to address configuration drift.
• CIS Benchmarks Configuration Certification certifies a system’s configuration is in conformance with CIS Benchmarks, assuring that a system’s performance will not be negatively impacted when it is running in a CIS-hardened environment. Configuration Certification enables Product Vendor Members to foster a state that's “secure by design” with the CIS Benchmarks built in, tested, and certified at outset.

CIS Does Not Certify

• Product(s) that assess/score against the CIS Controls
• Software certification for a product or offering that extends beyond the ability to test conformance to a CIS Benchmark
• Whether a company’s IT infrastructure is CIS-hardened
• Whether a company’s hosting environment is CIS hardened and/or is in conformance with a CIS Benchmark or the CIS Controls

More about the CIS Benchmarks Certification Processes

• CIS Benchmarks Assessment Certification
• CIS Benchmarks Configuration Certification
• CIS Benchmarks Remediation Certification

CIS Controls Accreditation

With the Services and Consulting licensing rights included in Product Vendor Membership use, Members also have the option to obtain CIS Controls Accreditation.

• Accreditation offers the ability to provide CIS Controls implementation, auditing, and/or assessment with the assurance that the organization has met the consistent and rigorous standards of CREST certification..
• Details of the individuals performing assessments are captured to help assure that the organization is reputable, adheres to the code of conduct, and has a robust process for training staff to perform implementation/audit/assessments of CIS Controls.

More about the CIS Controls Accreditation Process

• CIS Controls Accreditation