We’re large followers of the U.S. Cybersecurity Infrastructure Safety Company (CISA), whose casual slogan of “An organization so committed to security that it’s in our name twice” is a supply of delight.
CISA is a non-regulatory authorities company devoted to defending U.S. and international infrastructure and organizations towards malicious hackers and their malware (and different sorts of threats).
Led by the very educated and ever-eclectic Director, Jen Easterly, CISA has turn out to be a number one authority in displaying the best way to raised cyber resiliency. Its main initiatives embody: preventing ransomware, Safe By Design coding, vulnerability bulletins, menace warnings, infrastructure safety, Okay-12 training, and inspiring multi-factor authentication (MFA) use.
One in every of CISA’s most beloved companies is the Recognized Exploited Vulnerability Catalog the place CISA lists all software program and firmware vulnerabilities utilized by real-world malicious actors to assault real-world targets. You’ll be able to subscribe to get immediate notices about what attackers are utilizing to efficiently compromise organizations and defend accordingly.
CISA is definitely probably the most impactful and helpful cybersecurity company within the U.S., and it has shut partnerships with different related organizations world wide. When you’ve got not but checked out CISA and the way they may help your group, it’s best to.
CISA Free Instruments
As a part of CISA’s service, they spotlight free instruments and companies from different distributors. KnowBe4 is happy to announce that two of our hottest instruments are listed on CISA’s assets and instruments web site. The instruments are:
Area Doppelgänger
Area Doppelgänger permits any group to search for potential malicious “evil twin” domains that hackers use for impersonation assaults. Many organizations are usually not even conscious of what unauthorized domains could also be on the market pretending to be their official group to potential victims. Beneath is an instance of the outcomes from Area Doppelgänger for knowbe4.com:
Area Doppelgänger can be utilized to disclose potential impersonated domains, which organizations can then use to get them taken down and eliminated.
The Weak Password Take a look at is a free device to assist IT directors know which customers have passwords which are simply guessed or vulnerable to brute power assaults, permitting them to take motion towards defending their group.
Weak Password Take a look at checks the Microsoft Energetic Listing (AD) for a number of sorts of weak password-related threats and generates a report of customers with weak passwords. Amongst checks, Weak Password Take a look at searches for:
- Weak Passwords
- Shared Passwords
- Empty Passwords
- Clear Textual content Passwords
- Passwords Not Required
- Passwords That By no means Expire
- Passwords with LANManager (LM) hashes
- Passwords Utilizing Weak Encryption
- Passwords Lacking Kerberos Pre-Authentication
For privateness, all evaluation and assessment are performed within the consumer’s atmosphere. No knowledge leaves the consumer’s atmosphere. The information pulled from AD is encrypted in the course of the check and all data obtained in the course of the check is saved in native reminiscence, to not disk. Weak Password Take a look at doesn’t show the passwords of any consumer accounts.
Right here is an instance outcome from our Weak Password Take a look at:
KnowBe4 has over a dozen fashionable free instruments and companies, which you’ll take a look at right here.
We’re proud to have a few of KnowBe4’s hottest instruments listed on CISA’s web site. We encourage all organizations to take a look at and use CISA’s superb assets and to comply with CISA’s steering. Any group doing so will likely be much better protected towards cybersecurity threats. Don’t miss utilizing among the finest assets accessible to cyber defenders.
