Cybersecurity Advisories & Technical Guidance

NSA Leverages its elite technical capability to develop advisories and mitigations on evolving cybersecurity threats.

Browse or search our repository of advisories, info sheets, tech reports, and operational risk notices listed below. Some resources have access requirements.

For a subset of cybersecurity products focused on telework and general network security for end users, view our Telework and Mobile Security Guidance page here.

ImageTitlePublication Date
DDD-190716-058-083.PDFInfo Sheet: Cloud Security Basics (August 2018)8/29/2018
Info Sheet: Continuously Hunt for Network Intrusions (August 2019)8/30/2019
Info Sheet: Defend Privileges and Accounts (August 2019)8/30/2019
DDD-190716-296-078.PDFInfo Sheet: Defending Your DNS Infrastructure (June 2019)6/1/2019
DDD-200609-232-015.PDFInfo Sheet: Detect and Prevent Web Shell Malware (April 2020)4/22/2020
ELIMINATING_OBSOLETE_TLS_UOO197443-20.PDFInfo Sheet: Eliminating Obsolete TLS Protocol Configurations (January 2021)1/5/2021
CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDFInfo Sheet: Embracing a Zero Trust Security Model (February 2021)2/25/2021
Info Sheet: Enforce Signed Software Execution Policies (August 2019)8/30/2019
Info Sheet: Exercise a System Recovery Plan (August 2019)8/30/2019
HARDENING_NETWORK_DEVICES.PDFInfo Sheet: Hardening Network Devices (August 2020)8/18/2020
Page 6 of 10

Additional Documents

The following resources require use of a Federal/DoD Public Key Infrastructure (PKI), Personal Identity Verification (PIV) or Common Access Card (CAC) client certificate. Read more information about these access requirements.