CDM Program Approved Products List (APL)

CISA’s Continuous Diagnostics and Mitigation (CDM) Program provides a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program delivers cybersecurity tools, integration services, and dashboards that help participating agencies improve their security posture. 

The CDM Program’s Approved Products List (APL) is the authoritative catalog for approved products that meet CDM technical requirements. Software and hardware manufacturers and resellers can submit products for APL consideration monthly. CISA reviews each submission against established CDM Program criteria to validate the vendor’s claim that each product meets the requirements for the capability category for which it was submitted. 

The CDM APL is managed by the CISA Cybersecurity Division’s Capacity Building Acquisition and Budget office. Capacity Building Acquisition and Budget ensures that federal agencies have several ways to purchase approved CDM products. See below for details. 

APL supporting documentation (VPAT, EULAs, SCRM Plans) is available upon request for prospective agency customers. Please contact csd_cb.acqbudg@cisa.dhs.gov to request these documents.

If you have questions about CDM Program acquisitions or the CDM APL, please email us at csd_cb.acqbudg@cisa.dhs.gov.