Enduring Security Framework (ESF)

Bringing public & private sectors together on Intelligence-driven, shared cybersecurity challenges.
Contact form

Overview

The Enduring Security Framework (ESF) is a public-private partnership that addresses risks to critical infrastructure and National Security Systems.

ESF is a cross-sector working group that operates under the auspices of Critical Infrastructure Partnership Advisory Council (CIPAC) to address threats and risks to the security and stability of U.S. National Security Systems and critical infrastructure. It is comprised of experts from the U.S. Government as well as representatives from the Information Technology, Communications, and the Defense Industrial Base sectors. ESF is charged with bringing together representatives from private and public sectors to work on intelligence-driven, shared cybersecurity challenges.

ESF is chartered by the Department of Defense, Department of Homeland Security, Office of the Director of National Intelligence, and the IT, Communications and Defense Industrial Base Sector Coordinating Councils. 

NSA serves as the Executive Secretariat of ESF and leverages DHS Critical infrastructure Partnership Advisory Council (CIPAC) authorities to conduct ESF activities.

Enduring Security Framework Products

ImageTitlePublication Date
Potential Threat Vectors To 5G InfrastructurePotential Threat Vectors To 5G Infrastructure5/10/2021
Security Guidance for 5G Cloud Infrastructures Part I: Prevent and Detect Lateral MovementSecurity Guidance for 5G Cloud Infrastructures Part I: Prevent and Detect Lateral Movement10/28/2021
Security Guidance for 5G Cloud Infrastructures Part II: Securely Isolate Network ResourcesSecurity Guidance for 5G Cloud Infrastructures Part II: Securely Isolate Network Resources11/18/2021
Security Guidance for 5G Cloud Infrastructures Part III: Data ProtectionSecurity Guidance for 5G Cloud Infrastructures Part III: Data Protection12/2/2021
Security Guidance For 5G Cloud Infrastructures Part IV: Ensure Integrity of Cloud InfrastructureSecurity Guidance For 5G Cloud Infrastructures Part IV: Ensure Integrity of Cloud Infrastructure12/16/2021
Securing the Software Supply Chain for DevelopersSecuring the Software Supply Chain for Developers9/1/2022
ESF: Open Radio Access Network (Open RAN) security considerationsESF: Open Radio Access Network (Open RAN) security considerations9/15/2022
Securing the Software Supply Chain: Recommended Practices Guide for SuppliersSecuring the Software Supply Chain: Recommended Practices Guide for Suppliers10/31/2022
ESF: Securing the Software Supply Chain: Recommended Practices Guide for Suppliers SlicksheetESF: Securing the Software Supply Chain: Recommended Practices Guide for Suppliers Slicksheet10/31/2022
ESF: Securing the Software Supply Chain for Customers Slick sheetESF: Securing the Software Supply Chain for Customers Slick sheet11/17/2022
Page 1 of 3