Thank You

Penetration Tests

The Center for Internet Security, Inc. (CIS®) offers penetration tests for network devices and web applications. This service is available ONLY to U.S. State, Local, Tribal, and Territorial (SLTT) government entities.

Fill out the form to receive more information about how CIS penetration tests can help your organization improve its security posture.

Penetration tests are a cost-effective service that simulates a real-world attack scenario against your network devices and web applications. Using a four-phased approach informed by the Open Web Application Security Project (OWASP) Top 10 Web Application Vulnerabilities Project and the NIST SP 100-115 Information Security Testing and Assessment standard, CIS testers attempt to exploit external resources, access internal resources, and compromise your network.

At the end of a penetration test, you receive a written report detailing the methods used by the CIS testers to uncover each vulnerability, the potential impact of exploitation, recommendations for remediation, and vulnerability references.

Learn More

First Name





I live in a state or country protected by privacy legislation, and/or I would like to receive occasional updates regarding CIS products and services. I understand I will have the opportunity to opt out of this request at any time.




I have read and agree to the Terms of Use. I may receive emails from CIS related to submitting this form and marketing emails if outside the EU unless I opt out.*


^ By submitting the form, I have reviewed the CIS Privacy Notice, which details the way in which CIS utilizes personal data, including the use of standard web beacons.

* Indicates required field

If you experience any issues during registration, please contact us at learn@cisecurity.org.