CISA Develops Factsheet for Free Tools for Cloud Environments
Cybersecurity and Infrastructure Security Agency sent this bulletin at 07/17/2023 02:28 PM EDTYou are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated and is now available.
CISA has developed and published a factsheet, Free Tools for Cloud Environments, to help businesses transitioning into a cloud environment identify proper tools and techniques necessary for the protection of critical assets and data security. Free Tools for Cloud Environments provides network defenders and incident response/analysts open-source tools, methods, and guidance for identifying, mitigating, and detecting cyber threats, known vulnerabilities, and anomalies while operating a cloud or hybrid environment.
Cloud service platforms and cloud service providers (CSPs) have developed built-in security capabilities for organizations to enhance security capabilities while operating in cloud environments. Organizations are encouraged to use the built-in security features from CSPs and to take advantage of free CISA- and partner-developed tools/applications to fill security gaps and complement existing security features. Publicly available PowerShell tools exist to all network defenders for investigation and aid of an organization’s security posture, including:
- Cybersecurity Evaluation Tool (CSET),
- Secure Cloud Business Applications (SCuBA) Gear,
- Untitled Goose Tool,
- Decider, and
- Memory Forensic on Cloud (Japan CERT).
Note: These tools are highlighted and explained to assist with on-site investigation and remediation in cloud environments but are not all-encompassing and are provided for informational purposes only. CISA does not endorse any commercial product or service, including any subjects of analysis.
CISA encourages network defenders to take the measures above and consult the Free Tools for Cloud Environments factsheet to reduce the likelihood of a damaging cyber incident, detect malicious activity, respond to confirmed incidents, and strengthen resilience.
This product is provided subject to this Notification and this Privacy & Use policy.