CISA’s 150+ List of Free Services and Tools
CISA has a MASSIVE list of free services and tools you can and should take advantage of.
Free
Last Pass – How secure is your password?
Website: https://lastpass.com/howsecure.php This tool is similar to the other password checkers I have listed, such as How Secure is my Password? and Password Monster. This one is fine and gets…
EICAR anti-malware test file
Website: https://www.eicar.org/?page_id=3950 The EICAR anti-malware test file is a harmless file that is used to test the effectiveness of anti-malware software. It was created by the European Institute for Computer…
Tenable NIST CSF Implementation Planning Tool (NIST CSF v.1.1)
Website: https://www.tenable.com/whitepapers/nist-csf-implementation-planning-tool The NIST Cybersecurity Framework (CSF) is a comprehensive set of guidelines for managing cybersecurity risk in organizations. The NIST CSF Implementation Planning Tool, developed by Tenable, provides a…
STIX
Website: https://oasis-open.github.io/cti-documentation/stix/intro Structured Threat Information Expression (STIX™) is a language and serialization format used to exchange cyber threat intelligence (CTI). This is a common, standardized way to share threat information…
CWE: Common Weakness Enumeration
Website: http://cwe.mitre.org CWE™ is a community-developed list of software and hardware weakness types. It serves as a common language, a measuring stick for security tools, and as a baseline for…
CAPEC: Common Attack Pattern Enumeration and Classification
Website: https://capec.mitre.org/index.html CAPEC is the way an attacker can exploit a CVE or generally target a CWE. From the site:The Common Attack Pattern Enumeration and Classification (CAPEC™) effort provides a…
ISO / IEC 27002 – Free toolkit ZIP
Website: https://www.iso27001security.com/html/toolkit.html The free ISO27k toolkit is a comprehensive collection of resources designed to assist organizations in improving their information security management. It provides practical and cost-effective solutions for small…
OSA – Open Security Architecture
Website: http://www.opensecurityarchitecture.org/cms/index.php Open Security Architecture (OSA) is a community-driven platform that provides free, open-source security architecture resources and tools. The platform was established to help security architects, solution designers, and…
O-ISM3 – maturity standard by the OPen Group
Website: https://www.ism3.com/node/39 O-ISM3 2.0 is an Information Security Management System (ISMS) framework that provides a structured approach to managing information security. It is designed to be customizable to meet the…