Services

Design and document system access control processes and procedures that comply with federal guidelines.

Ensure that a concept of separation of duties is implemented and logical access controls and account lockout/disabling controls are in place.

Ensure your agency's or division's information security program is fully implemented and maintained with Analysis and Detection services.

Comprehensive support to establish and operate an anti-phishing program, which includes employee awareness and training, simulated attacks, and results analysis to inform training modifications and mitigate the risk of phishing attacks against an enterprise.

Design and document system audit log monitoring processes and procedures that comply with federal guidelines.

Request these services to determine business process and recovery criticality, identify resource requirements, and identify the recovery priorities for system resources.

CISA Tabletop Exercise Packages are a comprehensive set of resources designed to assist stakeholders in conducting their own exercises and initiating discussions within their organizations about their ability to address a variety of threat scenarios.

This service evaluates external network presence by executing continuous scans of public, static IPs for accessible services and vulnerabilities. It provides weekly vulnerability reports and ad-hoc alerts.

Create, update, and consult on information protection processes and procedures to develop the required documentation for a new or continuously monitored system needed for a security control assessment.

This service includes creating, updating, and/or consultation on information protection processes and procedures, yielding yields the required documentation for a new or continuously monitored system to prepare for a security control assessment.