The Cybersecurity & Infrastructure Security Agency (CISA) published a list of free cybersecurity tools and services to assist organizations reduce cyber security risks and further strengthen their security posture.
Before all else, CISA specifies key measures of a strong cyber security program:
Fix known security flaws in software
Implement multifactor authentication (MFA)
End bad practices, for example by immediately replacing end-of-life software products and those using default passwords
Perform vulnerability scanning to help identify and secure internet-facing systems
Protect assets from exposure on the public internet and reduce attack surface
Beyond these foundational measures, the list of more than one hundred available services and tools aims to reduce the likelihood of a damaging cyber incident, quickly detect a potential intrusion, ensure preparedness to respond to an intrusion and maximize organizational resilience.