Official websites use .gov
Secure .gov websites use HTTPS
July 30, 2024
NSA Publishes Enduring Security Framework Document Providing Recommendations for U.S. Government, Industry, and Academia to Engage Standards Development Organizations
FORT MEADE, Md. – As technology continues to develop at an increasingly rapid pace, the U.S. needs to participate in and position itself as the leader in the creation of global standards, according to an Enduring Security Framework (ESF) report released today by the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA).
Dec. 11, 2023
NSA and ESF Partners Release Recommended Practices for Managing Open Source Software and Software Bill of Materials
FORT MEADE, Md. – The National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials,” which builds on the “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices” paper [link] released by the Office of Management and Budget (OMB).
Nov. 9, 2023
NSA and ESF Partners Release Recommended Practices for Software Bill of Materials Consumption
The National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption.”
Oct. 4, 2023
NSA and ESF Partners Release Report on MFA and SSO Challenges
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Developer and Vendor Challenges to Identity and Access Management,” to provide developers and vendors of multi-factor authentication (MFA) and single sign-on (SSO) technologies with actionable recommendations to address key challenges in their products.
July 17, 2023
ESF Members NSA and CISA Publish Second Industry Paper on 5G Network Slicing
Today, Enduring Security Framework (ESF) partners the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) published an assessment of 5G network slicing. ESF, a public-private cross-sector working group led by NSA and CISA, identifies three keys for keeping this emerging technology secure: Security Consideration for Design, Deployment, and Maintenance.
March 21, 2023
ESF Partners, NSA, and CISA Release Identity and Access Management Recommended Best Practices for Administrators
As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the Recommended Best Practices Guide for Administrators to provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM).
Dec. 13, 2022
ESF Members NSA and CISA Provide Threat Assessment, Best Practices for 5G Network Slicing
FORT MEADE, Md. — Today, Enduring Security Framework (ESF) partners, along with experts from the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA), published their assessment of potential threats associated with 5G network slicing and strategies to help keep this emerging tech secure.
Nov. 21, 2022
Cybersecurity Speaker Series: 5G Security Impacts National Security
FORT MEADE, Md. — The National Security Agency (NSA) Cybersecurity Collaboration Center released the latest video in its Cybersecurity Speaker Series today, focusing on how 5G security factors into national security. The Speaker Series provides a forum for NSA to share insights, lessons, and contributions of its work in cybersecurity.
Nov. 17, 2022
ESF Partners, NSA, and CISA Release Software Supply Chain Guidance for Customers
FORT MEADE, Md. — The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released Securing the Software Supply Chain for Customers today.
Oct. 31, 2022
ESF Partners, NSA, and CISA Release Software Supply Chain Guidance for Suppliers
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and Office of the Director of National Intelligence (ODNI) released Securing the Software Supply Chain: Recommended Practices Guide for Suppliers today. The product is through the Enduring Security Framework (ESF) — a public-private cross-sector working group led by NSA and CISA that provides cybersecurity guidance to address high priority threats to the nation’s critical infrastructure.