Cyber Hygiene Services

Reducing the Risk of a Successful Cyber Attack

Adversaries use known vulnerabilities and phishing attacks to compromise the security of organizations. The Cybersecurity and Infrastructure Security Agency (CISA) offers scanning and testing services to help organizations reduce their exposure to threats by taking a proactive approach to mitigating attack vectors. CISA's available services are listed below:    

  • Vulnerability Scanning: Evaluates external network presence by executing continuous scans of public, static IPv4s for accessible services and vulnerabilities. This service provides weekly vulnerability reports and ad-hoc alerts.

Additionally, CISA recommends you further protect your organization by identifying assets that are searchable via online tools and taking steps to reduce that exposure.

Frequently Asked Questions

How much does it cost?

CISA cybersecurity assessment services are available at no cost.

Who can receive services?

Federal, state, local, tribal and territorial governments, as well as public and private sector critical infrastructure organizations.

When will my services begin?

Vulnerability Scanning typically begins within one week of completing the appropriate forms.

Who performs the service?

Cyber Hygiene services are provided by CISA’s highly trained information security experts equipped with top-of-the-line tools. Our mission is to measurably reduce cybersecurity risks to the Nation by providing services to government and critical infrastructure stakeholders.

Get Started

Email us at vulnerability@cisa.dhs.gov with the subject line “Requesting Cyber Hygiene Services” to get started.