The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced this week that it has compiled a list of free cybersecurity tools and services that can help organizations to reduce cybersecurity risk and increase resilience.
The list is part of an ongoing project, it will be continuously updated by CISA that also plans to allow third parties to propose their resources to include in the list.
The list includes open source tools and free resources provided by government organizations and private cybersecurity firms.
The tools cover a broad range of activities normally conducted by defenders, from incident response to threat detection.
“As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will implement a process for organizations to submit additional free tools and services for inclusion on this list in the future.” reads the announcement published by CISA. “The list is not comprehensive and is subject to change pending future additions.”
The US agency proposed the following categorization according to the four goals outlined in CISA Insights: Implement Cybersecurity Measures Now to Protect Against Critical Threats:
The list already includes cybersecurity tools and services from major IT and cybersecurity firms, including ones provided by CISA, AT&T Cybersecurity, Cloudflare, Cisco, Center for Internet Security, CrowdStrike, Google, IBM, Microsoft, Mandiant, Splunk, SANS, Secureworks, Tenable, and Palo Alto Networks. The list also includes tens of tools are open source.
CISA pointed out that it does not endorse any commercial product or service.
(SecurityAffairs – hacking, CISA)