Tools and Services

Here is a list of trusted cybersecurity tools and services.  We will update this page from time to time.  If you have a suggested site, please get in touch with us and let us know about it.  The links on this page take you to other websites not managed by LearnSecurity.org. LearnSecurity.org is not responsible for the content of external sites.

​

Approved and band software, hardware, and services

• Covered List (List of band hardware)

• List of Hardware, Software, and Services Banned by US Government (CMMC Information Institute, private site)

• Federal Acquisition Regulation (FAR) to implement National Defense Authorization Act (NDAA) § 889

• FedRAMP (fedramp.gov)

• StateRAMP (StateRAMP.org)

• Sanctions Related to Significant Malicious Cyber-Enabled Activities (Treasury.gov)

 

Data Breach Information

• have i been pwned?  Check if your email or phone is in a data breach.

• List of data breaches (Wikipedia)

• US States Data Breach Lists (IAPP)

• Cost of a data breach (IBM)

​

Threat Intelligence

• NETSCOUT Omnis Threat Horizon (Real-Time DDoS Attack Map)

• Digital Attack Map (Top daily DDoS attacks worldwide)

• Talos Cyber Attack Map (Top SPAM and Malware Senders)

• Cyber Threat Map (FireEye)

• Live Cyber Threat Map (CheckPoint)

• Threat Map (Fortinet)

• Threatbutt Internet Hacking Attack Attribution Map

• Cyberattack Maps & Threat Intelligence (Akamai)

• X-Force Exchange (IBM)

• Open Source Intelligence (OSINT) tools (Hackread)

• Unit 42 Blog (Palo Alto Networks)

• Mandiant Blog (Mandiant.com)

​

Information Sharing and Analysis Centers

• National Council of ISACs (nationalisacs.org)

• Multi-State Information Sharing and Analysis Center (MS-ISAC)

• Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC)

• Electricity Infrastructure Information Sharing and Analysis Center (E-ISAC)

• Aviation ISAC

• WaterISAC

• Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC)

• Surface Transportation ISACs

​

State of California

• The State Threat Assessment System (STAS)

• California Office of Emergency Services (Cal OES)

• California Cybersecurity Integration Center’s (Cal-CSIC)

​

Artificial Intelligence (AI)

• NIST Trustworthy & Responsible Artificial Intelligence Resource Center (AIRC), (NIST.gov)

• Responsible AI (Microsoft.com)

• National AI Initiative (ai.gov)

• Artificial Intelligence (UNESCO.org)

​

Email Security

• Message Header Analyzer (github)

​

Malware

• Virus Total (Analyse suspicious files, domains, IPs and URLs) 

​

Cyber Tabletop Exercise

• CISA Tabletop Exercise Packages (CTEPs) (CISA.gov)

• Elections Cyber Tabletop Exercise Package (CISA.gov)

• MS-ISAC Tabletop Exercises (cisecurity.org/ms-isac/)

• Cybersecurity Incident Response Exercise Guidance (ISACA.org)

• Tabletop Exercises (Ransomware.org)

• Cyber Incident Response Tabletop exercise, National Initiative for Cybersecurity Careers and Studies (NICCS.CISA.gov)

• ICBA Downloadable Exercises (ICBA.org)

• Virtual Table Top Exercise (VTTX) (FEMA.gov)

• Tabletop exercise scenarios: 3 real-world examples (csoonline.com)

• Washington State Office of Cybersecurity (WA.gov)

• Cybersecurity Tabletop Exercise Examples, Best Practices, and Considerations (rsisecurity.com)

• Top 5 ICS Incident Response Tabletops and How to Run Them (SANS.org)

• Cybersecurity Incident Response: Tabletop Exercises Using the Lego Serious Play Method (ISACA.org)

​

Vulnerabilities

• Cyber Hygiene Services scanning services (CISA.org)

• National Vulnerability Database (NIST.gov)

• CVE® Program (CVE.org)

• MITRE ATT&CK® framework (MITRE.org)

​

Configuration

• CIS Benchmarks List (cisecurity.org)

​

Advisories and Guidance

• CISA (CISA.org)

• NSA Cybersecurity Advisories & Guidance (NSA.gov)

• Computer Security Resource Center (NIST.gov)

​