Cyber IT Supervisory Forum eBook

Internal Use Only U.S. Treasury – Automated Threat Information Feed

Onboarded

On Deck

 Open-Source Feeds  Treasury Network Defense (TSOC)  FinCEN  OCCIP Indicator Notices and Circulars

 CRISP

5

October xx, 2022

Internal Use Only

CISA – Cyber Hygiene Scanning Service

 The Cybersecurity and Infrastructure Security Agency (CISA) Cyber Hygiene Scanning Service (CyHy) offers no-cost vulnerability scanning services for critical infrastructure entities  Participating organizations can receive CISA-conducted vulnerability scans on their internet facing systems  CyHy scans identify known exploited vulnerabilities (KEVs) and provide actionable feedback to the participating organization  A separate Web Application Scanning Service identifies weaknesses related to Open Worldwide Application Security Project (OWASP) categories  Enrollees receive individualized reports for each service that can aid awareness and decision making

6

October xx, 2022