Dale is joined by Steve Pozza, CISA Section Chief of Operational Resilience, and Tom Millar, CISA Branch Chief of Resilience, to discuss some of CISA's security services for asset owners. They discuss:
- The Internet accessible attack surface enumeration and vulnerability scanning surface.
- Asset owners can buy products or services to do this. Why is the government doing this?
- What CISA is doing with this attack surface data?
- How is CISA measuring the success of this service offering?
- Other broadly available services and tools, the cybersecurity performance goals (CPG assessment) ~500 done in 2023 (and their thinking about self-assessments), Malcom traffic analysis tool, and a couple of other tools.
Links
- CISA Vulnerability Scanning Services
- Malcolm Tool