Working Group

Enduring Security Framework (ESF)

Related topics:
Partnerships and Collaboration, Information and Communications Technology Supply Chain Security, Securing Networks

The Enduring Security Framework (ESF) is a team of experts from the U.S. Government, Information Technology, Communications, and Defense Industrial Base sectors. It's a partnership that deals with threats to U.S. National Security Systems and critical infrastructure. ESF led by NSA and CISA, brings together people from both private and public sectors to tackle cybersecurity challenges based on intelligence.

The National Security Agency (NSA) serves as the Executive Secretariat of ESF, using authorities from the DHS Critical Infrastructure Partnership Advisory Council (CIPAC) to carry out ESF activities.

Enduring Security Framework Products

ImagePublicationRelease Date
Cover-ESF Recommendations for Increasing US Participation and Leadership in Standards Development

ESF Recommendations for Increasing U.S. Participation & Leadership in Standards Development

ESF Recommendations for Increasing US Participation & Leadership in Standards and Development - Spanish Translation

7/30/2024
ESF: A Retrospective Booklet Cover
Enduring Security Framework: A Retrospective3/15/2024
Cover: Securing the software supply chain recommended practices for managing OSS and SBOMs
ESF: Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials12/11/2023
Cover: ESF securing the software supply chain: recommended practices for SBOMs
ESF: Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption11/9/2023
Cover page: ESF: Identity and Access Management: Developer and Vendor Challenges
ESF: Identity and Access Management: Developer and Vendor Challanges10/4/2023
Cover Page: ESF: 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance
ESF: 5G Network Slicing: Security Considerations for Design, Deployment, and Maintenance7/17/2023
Cover page: IAM Slicksheet
ESF: Identity & Access Management Slicksheet6/6/2023
Cover page: ESF: Identity and Access Management Recommended Best Practices for Administrators
ESF: Identity & Access Management Recommended Best Practices for Administrators3/21/2023
Cover page: IAM educational aid talking points
ESF: Identity & Access Management Educational Aid Talking Points3/21/2023
Cover page: IAM Educational Aid
ESF: Identity & Access Management Educational Aid3/21/2023
Cover page: ESF: Potential Threats to 5G Network Slicing
ESF: Potential Threats to 5G Network Slicing12/13/2022
Cover page: ESF: Securing the Software Supply Chain for Customers
ESF: Securing the Software Supply Chain Recommended Practices Guide for Customers11/17/2022
Cover page: Securing the Software Supply Chain: Recommended Practices Guide for Suppliers
ESF: Securing the Software Supply Chain: Recommended Practices Guide for Suppliers10/31/2022
Cover page: ESF: Securing the Software Supply Chain: Recommended Practices Guide for Suppliers Slicksheet
ESF: Securing the Software Supply Chain: Recommended Practices Guide for Suppliers Slicksheet10/31/2022
Cover page: ESF: Open Radio Access Network (Open RAN) security considerations
ESF: Open Radio Access Network (Open RAN) Security Considerations9/15/2022
Cover Page: Securing the Software Supply Chain for Developers
ESF: Securing the Software Supply Chain for Developers9/1/2022
Cover page: Security Guidance For 5G Cloud Infrastructures Part IV: Ensure Integrity of Cloud Infrastructure
Security Guidance for 5G Cloud Infrastructures Part IV: Ensure Integrity of Cloud Infrastructure12/16/2021
Cover page: Security Guidance for 5G Cloud Infrastructures Part III: Data Protection
Security Guidance for 5G Cloud Infrastructures Part III: Data Protection12/2/2021
Cover page: Security Guidance for 5G Cloud Infrastructures Part II: Securely Isolate Network Resources
Security Guidance for 5G Cloud Infrastructures Part II: Securely Isolate Network Resources11/18/2021
Cover page: Security Guidance for 5G Cloud Infrastructures Part I: Prevent and Detect Lateral Movement
Security Guidance for 5G Cloud Infrastructures Part I: Prevent and Detect Lateral Movement10/28/2021
Cover page: Potential Threat Vectors To 5G Infrastructure
Potential Threat Vectors to 5G Infrastructure5/10/2021

Tags

Sector: Information Technology Sector
Topics: Cyber Threats and Advisories, Information Sharing, Information and Communications Technology Supply Chain Security, Partnerships and Collaboration, Securing Networks