The list is organized to align with CISA’s recent advisory on:
- Reducing the likelihood of a damaging cyber incident, including by preventing devices from connecting to malicious sites and scanning for security weaknesses and vulnerabilities, etc.
- Detecting malicious activity quickly, including by deploying network intrusion detection and prevention, undertaking penetration testing, and improving endpoint detections.
- Responding effectively to confirmed incidents, including through collection and analysis of malware and other artifacts.
- Maximizing resilience, including by automating system backups and enhancing threat modeling.
The catalog contains links to public sector resources, as well as free, commercially developed products from vendors such as Microsoft, Cisco, Google, and Splunk.
The full catalog can be accessed on the CISA.gov website.
Ken is a Cyber Security professional with over 15 years of experience. All opinions are his own, and do not reflect the opinions of his employer or clients.
No comments:
Post a Comment