The Site is operated by CIS, a nonprofit enterprise whose mission is to make the connected world a safer place by developing, validating, and promoting timely best practice solutions that help people, businesses, and governments protect themselves against pervasive cyber threats.”
The purpose of the Site is to develop user originated, consensus-based security resources that will be owned and managed by CIS in accordance with the above stated mission, as well as to provide CIS SecureSuite Members with access to SecureSuite products and services.
Users of the Site may gain access from the Site to third party sites on the Internet through hypertext or other computer links. Third party sites are not within the supervision or control of CIS. Unless explicitly otherwise provided, CIS makes no representation or warranty whatsoever about any third-party site that is linked to the Site, and CIS does not endorse the products or services offered on any such site. CIS disclaims: (a) all responsibility and liability for content on any third-party websites and (b) any representations or warranties as to the security of any information (including, without limitation, credit card and other personal information) you might be requested to give any third party, and you hereby irrevocably waive any claim against CIS with respect to any such sites and third-party content.
The Site is offered and maintained by CIS from its facilities in the United States of America. If you are registering for, accessing or using the Site from other jurisdictions, you do so at your sole risk and are responsible for compliance with applicable law. CIS makes no representation that the Site is appropriate or available for use in any location.
TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAW, CIS OFFERS THE SITE AS-IS AND MAKES NO REPRESENTATIONS OR WARRANTIES OF ANY KIND CONCERNING THE SITE, EXPRESS, IMPLIED, STATUTORY OR OTHERWISE, INCLUDING, WITHOUT LIMITATION, WARRANTIES OF TITLE, MERCHANTIBILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NONINFRINGEMENT. CIS DOES NOT WARRANT THAT THE FUNCTIONS OR CONTENT CONTAINED ON THE SITE WILL BE UNINTERRUPTED OR ERROR-FREE, THAT DEFECTS WILL BE CORRECTED, OR THAT ITS SERVERS ARE FREE OF VIRUSES OR OTHER HARMFUL COMPONENTS. CIS DOES NOT WARRANT OR MAKE ANY REPRESENTATION REGARDING USE OR THE RESULT OF USE OF THE CONTENT IN TERMS OF ACCURACY, RELIABILITY, OR OTHERWISE.
IN NO EVENT WILL CIS, ITS EMPLOYEES, OFFICERS, DIRECTORS, AFFILIATES OR AGENTS ("THE CIS PARTIES") BE LIABLE TO YOU ON ANY LEGAL THEORY FOR ANY INCIDENTAL, DIRECT, INDIRECT, PUNITIVE, ACTUAL, CONSEQUENTIAL, SPECIAL, EXEMPLARY OR OTHER DAMAGES, INCLUDING WITHOUT LIMITATION, LOSS OF REVENUE OR INCOME, LOST PROFITS, PAIN AND SUFFERING, EMOTIONAL DISTRESS, COST OF SUBSTITUTE GOODS OR SERVICES, OR SIMILAR DAMAGES SUFFERED OR INCURRED BY YOU OR ANY THIRD PARTY THAT ARISE IN CONNECTION WITH THE SITE (OR THE TERMINATION OF USE THEREOF FOR ANY REASON), EVEN IF THE CIS PARTIES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE CIS PARTIES SHALL NOT BE RESPONSIBLE OR LIABLE WHATSOEVER IN ANY MANNER FOR ANY CONTENT POSTED ON THE SITE (INCLUDING CLAIMS OF INFRINGEMENT RELATING TO CONTENT POSTED ON THE SITE), FOR YOUR USE OF THE SITE, OR FOR THE CONDUCT OF THIRD PARTIES ON OR OTHERWISE RELATING TO THE SITE.
All text, images, and other materials on the Site are either the intellectual property of CIS or are included with the permission of the relevant owner.
Although Contributors provide specific rights to CIS, it is not intended that this should deprive Contributors of their right to exploit their Contributions. To underscore this principle, CIS confirms that Contributors may each make use of their Contributions in any way they wish, subject only to the restriction that no Contributor has the right to represent any such work as a CIS work product or equivalent of a CIS work product.
With respect to each Contribution, each Contributor represents that, to the best of his or her knowledge and ability: The Contribution properly acknowledges all Contributors, including any indirect Contributors. He or she has obtained the necessary permissions to submit the Contribution and to grant CIS the rights contained herein from each party that the Contributor reasonably and personally knows may have rights in the Contribution, including, without limitation, the Contributor’s sponsor or employer. No information in the Contribution is subject to any requirement of confidentiality or other restriction on its dissemination, and CIS may freely disclose any information in the Contribution. There are no limits to the Contributor's ability to make the grants, acknowledgments, and agreements herein that are reasonably and personally known to the Contributor. The Contributor has not intentionally included in the Contribution any material that is defamatory or untrue or that is illegal under the laws of the jurisdiction in which the Contributor has his or her principal place of business or residence. All trademarks, trade names, service marks, and other proprietary names used in the Contribution that are reasonably and personally known to the Contributor are clearly designated as such where reasonable.
The Contributor, and each named co-Contributor, acknowledges that CIS has no duty to publish or otherwise use or disseminate any Contribution. CIS reserves the right to withdraw or cease using any Contribution for whatever reason.
The Site provides access to consensus-oriented information security products, services, tools, metrics, suggestions, and recommendations ("SecureSuite Products") for CIS SecureSuite Members, subject to specific terms specified below on the CIS website, unless otherwise agreed to in writing with CIS. Except as otherwise provided herein for US-based SLTT entities, registering with and/or using the Site does not grant you CIS SecureSuite membership status.
Your category of membership shall govern the Terms and Conditions that govern your membership (click below for links):
If you are a CIS End User Organization Member, your terms can be found here.
If you are a CIS Named Consultant Member, your terms can be found here.
If you are a CIS Services and Consulting Member, your terms can be found here.
If you are a CIS Product Vendor Member, your terms can be found here
A SecureSuite Member has the ability to edit/modify CIS Benchmarks for use within the Member’s organization based upon the Member’s unique internal specifications and requirements (a "Customized Benchmark"). Once a Customized Benchmark is created, Member is prohibited from labeling or identifying such Customized Benchmark as a "CIS Benchmark."
As an SLTT Member, you are provided a CIS SecureSuite membership, subject to the following terms. If you cannot agree to these terms, please do not register with the Site and contact a CIS SecureSuite representative to review your [email protected].Academic Institutions (K-12, public and private colleges and universities) can view additional information regarding CIS SecureSuite Membership benefits here.
CIS is providing the SecureSuite Products “as is” and “as available” without: (1) any representations, warranties, or covenants of any kind whatsoever, including the absence of any warranty regarding: (a) the effect or lack of effect of any SecureSuite Product on the operation or the security of any network, system, software, hardware, or any component of any of them, and (b) the accuracy, utility, reliability, timeliness, or completeness of any SecureSuite Product); or (2) the responsibility to make or notify you of any corrections, updates, upgrades, or fixes.
You acknowledge and agree that: (1) no network, system, device, hardware, software, or component can be made fully secure; (2) you have the sole responsibility to evaluate the risks and benefits of the SecureSuite Products to your particular circumstances and requirements; and (3) CIS is not assuming any of the liabilities associated with your use of any or all of the SecureSuite Products.
You acknowledge and agree that neither CIS nor any of its employees, officers, directors, agents or other service providers has or will have any liability to you whatsoever (whether based in contract, tort, strict liability or otherwise) for any direct, indirect, incidental, consequential, or special damages that arise out of or are connected in any way with your use of any SecureSuite Product.
CIS hereby grants to you the right to distribute the SecureSuite Products within Your SLTT entity, whether by manual or electronic means.