APPLICATION THREAT MODELING WHITE PAPER
Written by ND-ISAC Application Security Working Group in “Application Threat Modeling“, members of the National Defense Information Sharing and Analysis Center (ND-ISAC) offer a structured and systematic methodology to enable organizations to analyze the architecture, understand the flow of information, detect threats, and identify risk mitigation strategies using a proactive approach. This process is executed ...
Software Security Controls: Application Programming Interface (API) Services
Application Programming Interface (API) Services are ubiquitous and becoming more popular every year. Like any technology, the security of APIs is increasingly important as their use spreads. The new whitepaper “Software Security Automation: API Services Security”, written by members of the National Defense Information Sharing and Analysis Center (ND-ISAC), dives into this topic and provides ...
Software Security Controls: Metrics Automation
In the white paper “Software Security Controls – Metrics Automation”, members of the National Defense Information Sharing and Analysis Center (ND-ISAC) complements the earlier series on Software Security Automation. This paper provides a roadmap to use the scan results provided by the security controls implemented in the Software Development Lifecycle (SDLC). This roadmap will help ...
APPSEC: REMEDIATION WORKFLOW AUTOMATION
Application Security: Remediation Workflow Automation In their third whitepaper, “Remediation Workflow Automation” members of the National Defense Information Sharing and Analysis Center (ND-ISAC) present a multi-stage process intended to enforce comprehensive remediation for findings identified in a highly automated Software Development Lifecycle (SDLC). While a remediation workflow is not specific to application security or software ...
ND-ISAC Kicks-Off 2021 Working Groups
Did you know ND-ISAC hosts over 23 working groups focused on cyber operations, threat intelligence, compliance/risk management, and engineering? During the past three years the ND-ISAC working group program has evolved from meetings of peers, to collaborative work environments where teams of subject matter experts combine to share security best practices, support cyber/technology program maturity, ...
ND-ISAC Application Security 3-Part Training Series: “Application Threat Modeling Training Series”
The National Defense Information Sharing and Analysis Center (ND-ISAC) is honored to announce that we will be offering an application threat modeling training series for our members. The ND-ISAC Application Security working group identified a subject matter expert to lead a training and discussion to further develop the content knowledge on application threat modeling. This ...
ND-ISAC Hosts SolarWinds Compromise Information Session with FireEye
On December 14 (Mon) FireEye briefed its latest findings on the SolarWinds compromise and discovery of the SUNBURST malware to a ND-ISAC members-only webinar. The company provided the latest information, including guidance on how to detect this attack, and answered questions with member companies of the National Defense Information Sharing and Analysis Center™ (National Defense ...
Software Security Automation: Security Controls Evaluation Criteria
Written by ND-ISAC Application Security Working Group In “Software Security Automation: Security Controls Evaluation Criteria“, members of the National Defense Information Sharing and Analysis Center (ND-ISAC) offer a practical approach for any enterprise application security team to use when selecting security tools for their organization. This Tool Evaluation Framework compliments the ND-ISAC AppSec Working Group’s ...
Cyber Assist Website – CMMC Resources For All Levels Available
The Defense Industrial Base (DIB) Sector Coordinating Council (SCC) Cyber Assist Website now includes the Cybersecurity Maturity Model Certification (CMMC) Level 4 and 5 associated resources. You can view the updates on the DIB SCC Cyber Assist Website listed below. All CMMC Levels 1-5 content and resources are updated and ready to view. https://ndisac.org/dibscc/cyberassist/cybersecurity-maturity-model-certification/ The ...
COVID-19 MEMORANDUM TO THE DEFENSE INDUSTRIAL BASE
On March 20, 2020, the Pentagon published a MEMORANDUM TO THE DEFENSE INDUSTRIAL BASE: subject: “Defense Industrial Base Essential Critical Infrastructure Workforce”. At approximately 10 a.m. on March 23, 2020; the Pentagon released the following supplemental guidance for widest dissemination. The following information and reporting format prescribe how DIB companies can contact DoD if they experience ...
DIB SCC Launches Cyber Assist Website
The DIB SCC announced the launch by the SCC Supply Chain Cybersecurity Task Force of the Cyber Assist website via the National Defense Information Sharing and Analysis Center (ND-ISAC). Link to Cyber Assist: https://ndisac.org/dibscc/cyberassist/ ...
Software Security Automation: A Roadmap Towards Efficiency and Security
Software Security Automation: A Roadmap Toward Efficiency and Security White Paper Written by ND-ISAC Application Security Working Group In “Software Security Automation: Roadmap Toward Efficiency and Security”, members of the National Defense Information Sharing and Analysis Center (ND-ISAC) lay out a strategy for transforming application security from a manual, disconnected, bolted-on process to an automated, ...
Mobile Security Best Practices
Mobile devices are everywhere, and their pervasive use presents a unique challenge in corporate environments. Recognizing the need to come together to discuss security, best practices, and solutions to mobile our ND-ISAC members came together earlier this year to form a Mobile Security Working Group. The working group set out to develop a list of practical mitigations to assist other ND-ISAC members to implement mobile security and provide lessons learned. ...
NDISAC Keynote at GW Veterans Day Ceremony
The National Defense ISAC Interim Executive Director, Major Carlos Kizzee, was honored to speak at the George Washington University 10th annual wreath-laying ceremony on November 9, 2018 to commemorate Veterans Day. Mr. Kizzee discussed the purpose o ...
Keeping Infrastructure Strong and Secure
November is Critical Infrastructure Security and Resilience Month, a nationwide effort to raise awareness and reaffirm the commitment to keep our Nation’s critical infrastructure secure and resilient. National Defense ISAC has committed to particip ...
NDISAC Best Practices: Password Security
As National Cybersecurity Awareness Month (NCSAM) winds down, I’ve been thinking of what a typical user can do to help their company secure their data. Cybersecurity is a team sport, even if your company doesn’t have a dedicated security team the ...
NDISAC DIB Security Engineering Summit Recap
Thank you to everyone who attended our first-ever National Defense Information Sharing and Analysis Center (NDISAC) Defense Industrial Base (DIB) Security Engineering Summit in December 2017. The summit brought together security operators, engineers ...
National Defense ISAC Voted into the National Council of ISACs
The National Defense Information Sharing and Analysis Center (NDISAC) is now an official member of the National Council of ISACs (NCI) after a unanimous member vote at the NCI meeting on December 12, 2017. With the NDISAC, the NCI is now comprised of ...
NDISAC Announces New Board Member
The National Defense ISAC is pleased to announce the addition of Christina Fowler, MITRE Principal Cyber Analyst, to the NDISAC Board of Directors. Christina previously served as the DSIE Steering Committee chair. Christina has been an active member ...
Veterans Day: Honoring All Who Have Served
On November 11, our Nation will pay tribute to our military veterans. Across the U.S., citizens will raise the American Flag to honor our troops. As a company focused on National Defense, veterans are a big part of who we are. Both NDISAC and our m ...
Welcome to Critical Infrastructure Security and Resilience Month
Welcome to Critical Infrastructure Security and Resilience Month 2017! November is Critical Infrastructure Security and Resilience Month, a nationwide effort to raise awareness and reaffirm the commitment to keep our Nation’s critical infrastructur ...
Happy National Cyber Security Awareness Month
Happy National Cyber Security Awareness Month (NCSAM) 2017! NDISAC is very excited to celebrate this year as an official NCSAM Champion. NCSAM is celebrated every October by raising awareness and ensuring safe practices online. The month is dedicate ...
DSIE® Announces Creation of and Merger with NDISAC™
The Defense Industrial Base Information Sharing and Analysis Organization (DIB-ISAO) has officially voted to approve the founding of and merging with the National Defense Information Sharing and Analysis Center™ (National Defense ISAC™ ) on Septe ...