DIB Cybersecurity Services

Protect DoD information and reduce your risk of compromise through NSA's cybersecurity services.

Contractor Protection

Department of Defense (DoD) contractors have access to sensitive U.S. Government information and are frequently targeted by nation-state actors to gain access to USG information and intellectual property. Once you sign a contract with the DoD, you become an attractive target to our adversaries. Fortunately, you don't have to defend against them alone.

NSA offers no-cost cybersecurity services to any company that contracts with DoD (sub or prime) or has access to non-public DoD information. NSA's services help protect against some of the most common nation-state exploitation vectors and are powered by unique, non-public indicators of known malicious activity derived from NSA's signals intelligence, cybersecurity analytic expertise, and engagements with partners. These services include Protective DNS (a DNS filter), attack surface management, and access to non-public, DIB-specific NSA threat intelligence.

Download PDF

Do you have an active DoD contract? Enroll in NSA’s DIB Cybersecurity services.

Get Started

Types of Services

Protective DNS

Protective DNS

Domain Name System (DNS) is essentially the address book of the internet and redirects a human-readable URL such as www.NSA.gov to the appropriate machine-readable IP address. Because DNS is so central to the internet, it’s frequently hijacked by adversaries to install malware and gain initial access to sensitive systems.

Protective DNS (PDNS) is a DNS filter which blocks users from connecting to malicious or suspicious domains. To date, NSA’s PDNS program has blocked 1 billion malicious or suspicious domains, including nation-state spearphishing, malware, botnets, and ransomware activity. NSA’s PDNS program is provided through Akamai’s GovShield and powered with a continuously evolving combination of proprietary and governmental domain blocklists.

To learn more, review our PDNS Cybersecurity Information or watch our PDNS YouTube video.

Download PDF
Attack Surface Management

Attack Surface Management

Through this service, our team takes an adversarial approach to illuminate any internet facing assets, searching for ways your network might be vulnerable. This allows our customers to identify and remediate issues before they become compromises. Each customer receives a tailored, prioritized report of issues for mitigation, along with an overview of their organization’s Internet footprint.

NSA’s Attack Surface Management services also leverages unique threat intelligence regarding emerging malicious activities, which has been shown to disrupt nation-state campaigns targeting the DIB.

Download PDF
Threat Intelligence Collaboration

Threat Intelligence Collaboration

Enter into a voluntary, mutually beneficial cyber threat information sharing relationship with the NSA. Our team will establish a secure collaboration channel with your cyber threat analysts and share non-public, DIB-specific threat intelligence to help you prevent, detect, and mitigate malicious cyber activity. This channel is also a way for your team to submit questions and feedback on findings related to the threat intelligence we share directly back with us.

To date, this service has illuminated, exposed, and remediated active nation-state exploitation attempts across the hundreds of customers enrolled.

Download PDF
Autonomous Penetration Testing

Continuous Autonomous Penetration Testing

Penetration testing, or pentesting, is a critical security exercise for identifying vulnerabilities, validating security measures, and protecting sensitive data from falling into the wrong hands.

The NSA’s Continuous Autonomous Penetration Testing (CAPT) leverages an AI powered platform to give small businesses a way to conduct their own pentests for internal networks at no cost and with no prior expertise.

CAPT is highly configurable. It can simulate an outside attacker by assessing your security posture from the perspective of trying to breach the perimeter, or simulate a malicious insider (with or without credentials) to determine what data an attacker could access and what systems they could compromise. The service further verifies remediation once the user fixes a vulnerability by rerunning the test and providing proof of effective mitigation application.

Download PDF

FAQs

Collapse All Expand All
 What are the eligibility requirements?
We have a very low barrier for entry. You simply need an active DoD contract (sub or prime) OR access to non-public, DoD information.
 
 What are the next steps if we are interested?
Email DIB_Defense@cyber.NSA.gov. From there, the team will confirm you meet the qualifications and schedule a call if needed to answer any further questions you may have. If you decide you want to enroll, you’ll then sign a simple form and our third party commercial providers will help you implement the services as needed. In some cases, this process can take less than 30 minutes.
 
 Do I have to enroll in all three services?
You are welcome to enroll in all services or just one.
 
 Do you plan to add more services?
Yes, future pilots may include but are not limited to secure email, threat hunting, and cloud security. One of the benefits of enrolling in NSA’s current suite of cybersecurity services is that you may gain early access to additional pilots coming down the road.
 
 Does this help with our Cybersecurity Maturity Model Certification (CMMC) compliance requirements?
While CMMC level 2 compliance will ultimately be determined by a third-party review of your company’s system security plan, we believe our existing services and upcoming pilots may help companies meet several NIST 800-171 requirements. Protective DNS, Attack Surface Management, and Threat Intelligence Collaboration may satisfy several requirements in the Risk Assessment, System and Communications Protection, and System and Information Integrity families of requirements.
 
 Is this really free?
These services are free to you because DoD currently funds them. DoD has chosen to make this investment to help our valuable partners improve their cyber hygiene, reduce their risk of compromise, and better protect sensitive DoD information that may reside on their networks.

NSA provides these services on behalf of DoD due to our unique insights on sophisticated nation-state cyber threats, which are integrated into the services we offer.
 
 Why are you offering these services?
Our adversaries are using multi-faceted approaches to target the DIB and steal sensitive U.S. Government information and intellectual property. This has significant national security implications. We are choosing services that complement existing security architectures within the DIB and that enable us to assist with detection and analysis of sophisticated threats.
 
 What if my company has no cyber team or capabilities?
Some of these services, such as PDNS, are offered through commercial providers, who have the expertise required to help you set up these services within whatever resource constraints you may be working.
 
 Are we mandated to report incidents?
Pursuant to the voluntary partnerships that the NSA Cybersecurity Collaboration Center (CCC) has with our DIB partners, there is no requirement for an industry partner to report incidents to the NSA CCC. However, participants in our cybersecurity services are still certainly required to adhere to any reporting requirements in their DoD contracts or other applicable agreements.