Shared Cybersecurity Services


Shared Cybersecurity Services (SCS) is a portfolio of Cybersecurity and Infrastructure Security Agency (CISA)-funded contracts that provides federal civilian agencies, state fusion centers, and select information sharing and analysis centers with no-cost access to commercial Cyber Threat Intelligence (CTI) and services.

Service Scope

SCS allows users to access, research, and enrich CTI through a commercial enterprise license. Core offerings include access to CTI management platforms (scoutPRIME, BloxOne Threat Defense, and Mandiant Advantage), automated sharing, training and IT Support, and limited analytical support (e.g. Requests for Information [RFIs]).

Service Vendors

CISA currently contracts with three commercial providers, LookingGlass, Infoblox, and Mandiant, to provide CTI and associated services. Each vendor provides a similar set of core offerings that includes access to: CTI platform accounts and training/technical support, Application Programming Interfaces (APIs) that support machine-to-machine threat data connections, and analyst support. In addition, each vendor offers specific capabilities, including Domain Takedowns and Phishing Analysis, tied to their special area of expertise. The SCS portfolio also allows the vendors to share and enrich intelligence, Indicators of Compromise (IOCs), and threat reporting amongst each other, ultimately enhancing the quality of CTI available to SCS users. See our SCS Mitigations and Phishing Analysis Fact Sheet for more information

How to Access SCS Services

To request vendor accounts or receive detailed information on individual vendor services, please contact: CISA.CTIS.SCS_Info@cisa.dhs.gov. For additional overview information please review the Shared Cybersecurity Services Overview Fact Sheet .

Was this webpage helpful?  Yes  |  Somewhat  |  No