The Center for Internet Security (CIS) is a community of members who are IT security experts. These subject matter experts (SMEs) work together to develop and distribute security configuration benchmarks, benchmark audit tools, and security metrics. CIS is a not-for-profit organization and is governed by a volunteer board of directors; it is not owned or controlled by a corporation or government entity.
Any flaw in the way a computer program is written or used that makes your computer vulnerable to attack. Security experts also call this a security vulnerability.