CISA publishes guide with free cybersecurity tools, resources for incident response

The resources can provide a foundation for dealing with the aftermath of cyberattacks.
Written by Charlie Osborne, Contributing Writer

CISA has published a guide containing free cybersecurity resources and services that may be valuable in incident response. 

The US Cybersecurity and Infrastructure Security Agency (CISA) is responsible for monitoring, managing, and reducing risk to the country's critical infrastructure. The federal agency is also known for issuing alerts relating to high-profile data breaches and vulnerability disclosures. 

Last month, CISA warned organizations to shore up their defenses in light of the cyberattacks endured by Ukraine's government, in which IT systems were disrupted, and government-owned website domains were defaced by suspected Russian cybercriminals. 

As part of an ongoing initiative to improve the cybersecurity posture of US infrastructure providers, critical services, and state to local governments, CISA has compiled a guide containing advice, resources, and links to services that can help organizations reduce their risk exposure as well as deal with the aftermath of a security incident. 

While CISA is keen to emphasize that it doesn't endorse the resources for specific use cases, the guide is separated into categories: foundational measures; how to reduce the likelihood of a "damaging" cyberattack; the steps to take to detect an intrusion; incident response; and resources for maximizing resilience to destructive attacks.

The list contains a mixture of open source tools and software, services offered by public and private cybersecurity organizations, as well as resources provided by CISA itself for free. 

The federal agency first recommends that companies take basic steps to improve their security, including the implementation of patch cycles to fix known software vulnerabilities, implementing two-factor or multi-factor authentication (2FA/MFA), upgrading legacy and out-of-support software, and replacing default or old passwords. 

After tackling the above steps, CISA then recommends that organizations check out the additional categories. 

The resources include pointers to phishing assessment services, remote penetration tests, distributed denial-of-service (DDoS) protection, Project Shield, repositories for threat data, antivirus tools, forensics software, and backup services, among others.  

Each service or tool is labeled with the skill level it requires, either basic or advanced.

CISA's list will be continually updated, and the agency intends to create a process for organizations to submit free tools and services for consideration in the future. 
