5 free resources from the Cybersecurity and Infrastructure Security Agency (CISA)

The Cybersecurity and Infrastructure Security Agency (CISA) is an agency of the United States Department of Homeland Security. CISA is responsible for improving cybersecurity and infrastructure protection at all levels of government, coordinating cybersecurity initiatives with US states, and strengthening defenses against cyberattacks.

To help businesses improve their security capabilities, CISA offers free cybersecurity products and services.

Analysis of cyber-hygiene vulnerabilities

You can subscribe to this service by sending an email to [email protected]. The analysis will start within 3 days and you will start receiving reports within two weeks. Once launched, this service is mostly automated and requires little direct interaction.

Cyber Security Assessment Tool (CSET)

This tool provides organizations with a structured and repeatable approach to assess the security posture of their cyber systems and networks. It includes both high-level questions and detailed questions related to all industrial computer and control systems.

Checklist for implementing cybersecurity measures

This document outlines four goals for your organization:

  • Reduce the likelihood of a damaging cyber incident
  • Detect malicious activity quickly
  • Respond effectively to confirmed incidents
  • Maximize resilience.

Catalog of known exploited vulnerabilities (KEV)

The KEV Catalog helps you identify known software security vulnerabilities. You can search for software used by your organization and, if found, update it to the latest version according to the vendor’s instructions.
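The search described above can be scripted against a software inventory. The following is an added example, not CISA's code: it assumes the field names of the KEV JSON feed (`cveID`, `vendorProject`, `product`, `dueDate`, `requiredAction`), and the sample entries, CVE ids and the `match_inventory` helper are constructed placeholders.

```python
import json

# Constructed sample in the shape of the KEV JSON feed. Field names are assumed
# from CISA's published feed; vendors, products and CVE ids are placeholders.
SAMPLE_KEV = json.loads("""
{"catalogVersion": "0000.00.00", "vulnerabilities": [
 {"cveID": "CVE-0000-00001", "vendorProject": "ExampleSoft", "product": "Mail Gateway",
  "dateAdded": "2024-01-10", "dueDate": "2024-01-31", "requiredAction": "Apply vendor updates."},
 {"cveID": "CVE-0000-00002", "vendorProject": "Acme", "product": "VPN Appliance",
  "dateAdded": "2024-02-01", "dueDate": "2024-02-22", "requiredAction": "Apply vendor updates."},
 {"cveID": "CVE-0000-00003", "vendorProject": "ExampleSoft", "product": "Mail Gateway",
  "dateAdded": "2023-11-05", "dueDate": "2023-11-26", "requiredAction": "Apply vendor updates."}
]}
""")


def norm(name):
    """Case- and whitespace-insensitive key for vendor/product names."""
    return " ".join(name.lower().split())


def match_inventory(kev, inventory):
    """Return KEV entries whose vendor and product match an inventory item.

    inventory: iterable of (vendor, product) tuples (hypothetical format).
    Hits are sorted by dueDate so the earliest remediation dates come first.
    """
    wanted = {(norm(v), norm(p)) for v, p in inventory}
    hits = [
        entry for entry in kev.get("vulnerabilities", [])
        if (norm(entry.get("vendorProject", "")), norm(entry.get("product", ""))) in wanted
    ]
    return sorted(hits, key=lambda entry: entry.get("dueDate", ""))


if __name__ == "__main__":
    # Constructed inventory: one item present in the sample, one absent.
    inventory = [("examplesoft", "mail  gateway"), ("Other", "Database")]
    for entry in match_inventory(SAMPLE_KEV, inventory):
        print(entry["cveID"], entry["vendorProject"], entry["product"],
              "due", entry["dueDate"], "-", entry["requiredAction"])
```

Exact name matching misses spelling variants of a vendor or product, so an empty result should be confirmed with a manual search of the catalog.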

Malcolm Network Traffic Analysis Tool Suite

Malcolm is made up of several widely used open-source tools, making it an attractive alternative to security solutions that require paid licenses.

The tool accepts network traffic data in the form of Full Packet Capture (PCAP) files and Zeek logs. Visibility into network communications is provided through two interfaces: OpenSearch Dashboards, a data visualization plugin with dozens of pre-built dashboards providing an overview of network protocols; and Arkime, a tool for searching and identifying network sessions with suspected security incidents. All communication with Malcolm, both from the UI and from remote log senders, is secured with industry-standard encryption protocols.

Malcolm operates as a cluster of Docker containers, isolated sandboxes that each perform a dedicated system function.
