Service

Crossfeed

Task type
Assess your risk level
Readiness Level
Intermediate
Cyber Hygiene Services

Description

In 2020, the Cybersecurity and Infrastructure Security Agency (CISA) began piloting of a tool called Crossfeed, which was developed in collaboration with Defense Digital Service, to better understand the risks and status of the cyber infrastructure landscape across the nation and to communicate with entities if serious vulnerabilities were discovered.

As part of this pilot, Crossfeed mostly performed passive data collection using third-party application programming interfaces (APIs) and standard web scraping techniques used by search engines.

While the active pilot has concluded as of Oct. 1, 2021, CISA will continue to conduct limited, passive scanning to alert Federal agencies, SLTT entities, and critical infrastructure operators across the nation of any serious vulnerabilities. All traffic from Crossfeed to scanned assets is marked by a "Crossfeed" User-Agent header and is cryptographically signed so that entities can verify that the web traffic is coming from CISA. For instructions on verifying scans and other frequently asked questions, please refer to Crossfeed's documentation.

Related Services

Increase your resilience | Foundational, Intermediate, Advanced

Protective Domain Name System Resolver

CISA's Protective Domain Name System (DNS) Resolver Service is the evolution and successor to the DNS egress protection capability currently being delivered through E3A DNS Sinkhole.
Assess your risk level | Intermediate

Security Monitoring

Receive remediation scanning and quarterly scanning; annual assessments with applicable; and security control assessments for system accreditation.
Assess your risk level | Foundational

Technical Vulnerabilities Assessment

Receive a technical scan to measure the current security impacts and risks to a system through applicable security tools.