CISA Resources
Who is CISA
The Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risks to the cyber and physical infrastructure of the United States. It connects stakeholders in industry and government with resources, analyses, and tools to improve their cyber, communications, and physical security and resilience. This ensures a secure infrastructure for the American people. Source: CISA Overview
CISA Free Cybersecurity Services and Tools
On September 24, 2022, CISA released a list of free cybersecurity tools and services:
> "As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open-source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community." Source: CISA Free Cybersecurity Services
General CISA Cybersecurity Guidelines
- Fix known security flaws in software by referencing the CISA Known Exploited Vulnerabilities Catalog. Regularly update software to the latest versions as per vendor instructions.
- Implement multifactor authentication (MFA). MFA requires two or more authenticators to verify identity, providing enhanced protection over just a username and password.
- Halt bad practices such as using end-of-life software, systems with default passwords, and lacking MFA for critical systems.
- Sign up for CISA’s Cyber Hygiene Vulnerability Scanning by emailing [email protected]. Weekly reports help secure internet-facing systems.
- Get your Stuff Off Search (S.O.S.) by reducing internet-visible attack surfaces. Learn more at Get Your Stuff Off Search (S.O.S.).
CISA Tool Recommendations
Reducing the Likelihood of a Cyber Incident
| Service | Skill Level | Owner | Description | Link |
|---|---|---|---|---|
| Network Reporting | Basic | ShadowServer | A subscription service providing reports on network state and security exposures. | ShadowServer Network Reporting |
| Vulcan Cyber Remedy Cloud | Basic | Vulcan Cyber | A searchable database of remedies and fixes for vulnerabilities with analytics like "most-searched CVEs." | Remedy Cloud |
| Ransomware Risk Assessment | Basic | Zscaler | Assesses ransomware-specific intrusion defenses and recovery readiness. | Test My Defenses |
| Internet Threat Exposure Analysis | Basic | Zscaler | Evaluates cyber risk posture and scans for intrusion and data exfiltration exposures. | Zscaler Security Scan |
| CISA Vulnerability Scanning | Basic | CISA | Scans public IPs for accessible services and vulnerabilities, providing weekly reports. | Email: [email protected] |
| CISA Web Application Scanning | Basic | CISA | Evaluates web applications for security risks and offers recommendations. | Email: [email protected] |
| Cloudflare Unmetered Distributed Denial of Service Protection | Basic | Cloudflare | Protects websites and applications from DDoS attacks without compromising legitimate traffic. | Cloudflare DDoS Protection |
| Quad9 | Basic | Open Source | Blocks access to known malware and phishing sites. | Quad9 |
| Wireshark | Advanced | Open Source | A network protocol analyzer for inspecting and analyzing data from live networks or captures. | Wireshark |
| Snort | Advanced | Cisco | Intrusion detection and prevention system for traffic analysis and packet logging. | Snort |
Other Tools
- Microsoft Defender Application Guard: Provides isolated browsing to protect against malware.
- BitLocker: Encrypts Windows systems to secure data.
- Aircrack: Tests wireless network security.
Ensure Preparedness for Intrusions
Cyber Readiness
- Cyber Readiness Check (CRCs): Evaluates organizational security readiness.
- Purple Knight: Scans Active Directory for vulnerabilities and risks.