A list of free cyber security services and tools has been provided by the U.S. Cyber security and Infrastructure Security Agency (C.I.S.A.). This collection can help businesses improve their security capabilities and defend against intrusions. The list includes C.I.S.A. services, open-source utilities, and free tools and services from public and commercial sector organizations.
Purpose
The tools and services are aimed at assisting businesses in reducing the risk of a damaging cyber incident. It will also detect malicious activity immediately, respond to incidents, and maximise resilience.
Companies that Contributed
Approximately 100 tools and services are now on the list. These include tools of well-known companies such as Microsoft, Google, Cloudflare, Mandiant, Cisco, AT&T Cyber security, and I.B.M. Other companies that contributed include Center for Internet Security, CrowdStrike, Tenable, Splunk, VMware, SANS, Secureworks, and Palo Alto Networks. Twenty-five of the tools are open source and unaffiliated with any vendors.
The set is neither comprehensive nor immune to change. However, when combined with baseline security practices, it attempts to mature an entity’s cyber security risk management for a competent cyber security program.
Some of the well-known tools and services listed in the catalogue include:
- C.I.S.A.’s vulnerability scanning and incident response services
- Microsoft’s Defender Application Guard
- Microsoft Defender Antivirus
- Google Safe Browsing
- Cloudflare Zero Trust Services
- Mandiant Attack Surface Management
Foundational Measures
Additionally, C.S.I.A. also advises organisations to take strong foundational measures to implement rigid cyber security through the organisational environment. These measures include:
- Fix any software issues that have been discovered. For each software that a company utilises, check the C.I.S.A. Known Exploited Vulnerabilities (K.E.V.) Catalog. They should update the programme to the newest version if it is listed, following the vendor’s recommendations.
- When feasible, use multi-factor authentication. MFA is a multi-factor authentication system that protects your online accounts and the information they contain. Because unauthorised users will be unable to achieve the second authentication criterion if one factor (such as your password) is compromised, they will be unable to access your accounts. You must submit a combination of two or more authenticators to prove your identity before the service grants you access when you enable MFA in your online services.
- Stop poor habits that could hurt your company or compromise your data. End-of-life software products that are no longer receiving software upgrades should be replaced. Any system or product that relies on known/default/unchangeable passwords should be replaced. Use multi-factor authentication (MFA) to protect confidential and sensitive information.
- Sign up for the Cyber Hygiene Vulnerability Scanning offered by C.I.S.A. Email vulnerability@cisa.dhs.gov to sign up for this service. The majority of this service is automated. The vulnerability scans are performed by C.I.S.A., and a weekly report is delivered. Within 72 hours of collecting the needed papers, C.I.S.A. will begin scanning, and companies will get reports within two weeks.
- Reduce internet attack surfaces that are exposed to everybody on web-based search platforms by getting your stuff off search (S.O.S.).
Takeaway
Although many of the materials listed are from commercial companies, CISA emphasises that their inclusion does not imply that the agency endorses or favours them. CISA also stated that “it does not vouch to the suitability or usefulness of these services and tools for any particular use case.” CISA intends to keep the list up to date and allow third parties to include additional resources.
Related Reading: NIST publishes Zero Trust Architecture