Nonprofit Cyber Solutions Index

Nonprofit Cyber Solutions Index

wdt_ID wdt_created_by wdt_created_at wdt_last_edited_by wdt_last_edited_at Member Nonprofit Project or Solution Name Audience Benefit For URL Subject/Control Area Optional: Control Areas Description
1 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Readiness Institute Cyber Leader Program Small and Medium Businesses Public https://cyberreadinessinstitute.org/cyber-leader-certification-program/ Cybersecurity Training and Workforce Development The Cyber Leader Certification Program is a personal professional credential that can be achieved after completing the Cyber Readiness Program.
2 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Readiness Institute Cyber Readiness Program Small and Medium Businesses Public https://cyberreadinessinstitute.org/cyber-readiness-program/ Cybersecurity Training and Workforce Development The Cyber Readiness Program is a simple, practical way for organizations to provide security awareness training to employees and establish sustainable, effective cyber readiness practices. Specifically designed for small and medium-sized enterprises, this
3 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Readiness Institute Cyber Readiness Guides Small and Medium Businesses Public https://cyberreadinessinstitute.org/resources/ Cybersecurity Awareness CRI offers guides on MFA, MSPs, Holiday Season, and other cyber issues and topics relevant to SMBS.
4 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Actionable Cybersecurity Tools (ACT) All Businesses Elections Offices/Officials Small and Medium Businesses Individuals Nonprofits/Charities Journalists Public https://act.globalcyberalliance.org/index.php/Main_Page Development of Tools and Services ACT offers an easy-to-use, wiki-style layout that can help you quickly find cybersecurity solutions that fit your unique needs. Using ACT, you can identify cybersecurity solutions to minimize the risk of disruptions to essential services that you and your
5 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG eCrime eXchange All Businesses, Law Enforcement, Governments and Intergovernmental Organizations, National CERTs, Nonprofits/Charities Member https://apwg.org/ecx Collaborative Defensive Operations/Information Sharing CIS Control 9: Email and Web Browser Protections The APWG eCrime Exchange (eCX) is the clearinghouse and repository developed specifically to exchange machine event and Internet event data about common cybercrimes such as phishing. The APWG’s member organizations contribute new data, and extract data
6 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG University Researcher Grants Researchers Public https://apwg.org/membership/research/ Cybersecurity research For the purpose of obtaining access to reliable source data for original research in cybercrime, the APWG honors requests from researchers, Universities, and NGO’s for access to resources within our eCrime Exchange (eCX). Accepted programs are granted a
7 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG Phishing Activity Trends Report All Businesses, Individuals, Governments and Intergovernmental Organizations Public https://apwg.org/trendsreports Cybersecurity awareness Since 2004, the APWG Phishing Activity Trends Report, now quarterly, analyzes phishing attacks and other cybercrime events reported to the APWG by its member companies, institutions and national government agencies, through the organization’s website at
8 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cloud Security Alliance CSA Cyber Incident Sharing Center All Businesses Member https://cloudsecurityalliance.org/membership/enterprises/ Collaborative Defensive Operations/Information Sharing Private sharing enclave of cloud-related threat intelligence for members
9 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cloud Security Alliance CSA Research All Businesses Public https://cloudsecurityalliance.org/research/ Best Practices Development Location for complete archive of CSA research, all free to the public
10 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cloud Security Alliance Security, Trust, Assurance & Risk (STAR) Program All Businesses Public https://cloudsecurityalliance.org/star Cybersecurity Measurement CSA STAR has public registry of cloud providers complying with CSA Cloud Controls Matrix best practices. Free to view and download all entries to analyze the security of providers. Also free for providers to submit level one self assessments.
11 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cloud Security Alliance Zero Trust Resource Hub All Businesses Public https://cloudsecurityalliance.org/zt/resources/ Best Practices Sharing/Deployment Curated site of useful Zero Trust technical documents and standards
12 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CMMC Professionals Network (CPN) CMMC Pathways Security Personnel Member https://cmmcpathways.org/content.aspx?page_id=22&club_id=354848&module_id=711757 Cybersecurity Training and Workforce Development Practical, scenario-based training pathways for CMMC Level 1 and Level 2. These sessions, led by CPN expert advisors, provide members with hands-on experience using a specific technology stack (e.g., Google Workspace, PreVeil, Microsoft GCC High).
13 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CMMC Professionals Network (CPN) CMMC Professional Membership Security Personnel Member https://cmmcpathways.org/content.aspx?page_id=22&club_id=354848&module_id=711757 Cybersecurity Training and Workforce Development A program that connects CPN members with experienced CMMC professionals for personalized guidance. Mentors provide career advice, technical support, and help mentees navigate their professional journey in the CMMC field.
14 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberPeace Institute CyberPeace Cafes Nonprofits/Charities Public https://cyberpeaceinstitute.org/cyberpeace-cafe/ Cybersecurity Awareness, Cyber Hygiene Implementation CIS Control 14: Security Awareness and Skills Training CyberPeace Café is a repository of international and local cybersecurity awareness and digital resilience resources for NGOs’ employees and users in general.
15 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberPeace Institute CyberPeace Builders Nonprofits/Charities Member https://cyberpeaceinstitute.org/cyberpeacebuilders Best Practices Development,Best Practices Sharing/Deployment,Collaborative Defensive Operations/Information Sharing,Cyber Hygiene Implementation,Cybercrime Prevention,Cybercrime Victim Assistance,Cybersecurity Awareness,Cybersecurity Certification,Cyberse The CyberPeace Builders programme assists NGOs to build cybersecurity capacity through a trusted and dedicated network of corporate partners who provide volunteers managing a variety of free cybersecurity services for these NGOs.
16 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Readiness Institute Ransomware Playbook Small and Medium Businesses Public https://cyberreadinessinstitute.org/resource/ransomware-playbook/ Best Practices Development How to prepare for, respond to, and recover from a ransomware attack
17 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Threat Alliance Magellan Automated Sharing Platform Security Operations Entities,Cybersecurity Providers Member https://cyberthreatalliance.org Collaborative Defensive Operations/Information Sharing Magellan is CTA's automated threat indicator sharing platform. Member companies submit indicators of compromise and associated context to the platform; members can then retrieve submissions by others. All CTA members are required to submit a minimum numbe
18 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Threat Alliance Analytic Sharing Cybersecurity Providers Member https://cyberthreatalliance.org Collaborative Defensive Operations/Information Sharing CTA maintains several channels for members to share threat intelligence at human speed, including dedicated WebEx channels, regular virtual meetings among member representatives, and pre-publication sharing of embargoed blog posts, reports, and research p
19 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Threat Alliance Partnership Program Information Sharing Organizations Member https://cyberthreatalliance.org Collaborative Defensive Operations/Information Sharing CTA partners with other information sharing organizations, such as Information Sharing and Analysis Centers (ISACs), to enable informal, human speed collaboration among these entities. This program is open to threat sharing organizations that otherwise do
20 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Threat Alliance Analytic Reports Cybersecurity Providers Public https://cyberthreatalliance.org Collaborative Defensive Operations/Information Sharing CTA produces long-form analytic reports on cyber threats and potential mitigations. We develop these reports based on member and partner interest in a particular topic or threat.
21 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Threat Alliance Policy Governance Governments and Intergovernmental Organizations Public https://cyberthreatalliance.org Collaborative Defensive Operations/Information Sharing CTA supports the development, enactment, and employment of effective cybersecurity legislation, regulation, policy, and practices around the world. We engage with organizations such as the Aspen Institute, the World Economic Forum, the Cybersecurity Coal
22 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Threat Alliance Threat Intelligence Sharing Cybersecurity Providers Public https://cyberthreatalliance.org/ Collaborative Defensive Operations/Information Sharing,Cybercrime Prevention The Cyber Threat Alliance improves the cybersecurity of the global digital ecosystem by enabling real-time, high-quality cyber threat information sharing among companies and organizations in the cybersecurity field.
23 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Alliance Cyber in a Box School Video Challenge Educators Public https://cyberwyoming.org/cyber-in-a-box/ Cybersecurity Education (pre-college) Teams of Wyoming students are provided $100 and tshirts to make a cyber safety video. The program materials are available for free to organizations outside of Wyoming that would like to start their own program.
24 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Apprenticeship and Internships MSPs and MSSPs Public https://cyberwyoming.org/programs/apprenticeship-internship/ Cybersecurity Training and Workforce Development CyberWyoming offers three apprenticeship programs: Cybersecurity Support Technician, IT Specialist, and Cybersecurity Business Counselor for Microbusinesses. We also offer student internships and pre-apprenticeship training and support.
25 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Business Notification List Small and Medium Businesses Public https://cyberwyoming.org/programs/business-notification-list/ Cybersecurity Awareness CyberWyoming provides small business with up to date local and national reports for threats that could affect their resiliency.
26 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Alliance Teens Exploring Careers Camp Higher Education Public https://cyberwyoming.org/programs/camp/ Cybersecurity Education (pre-college) A camp for teens to explore careers in a digital setting. From a murder mystery over intellectual property in a business creative firm to a hospital theater that gets ransomware, teens will learn real-world skills in an experiential setting! Free curricu
27 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Cybersecurity Business Counselor Training Economic Development Agencies Public https://cyberwyoming.org/programs/cbc/ Cybersecurity Certification Cybersecurity is a specialty area for business advisors. CyberWyoming provides a Cybersecurity Business Counselor registered apprenticeship program to help advisors incorporate cybersecurity best practices in their day to day work with their clients.
28 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Change Company Culture Small and Medium Businesses Public https://cyberwyoming.org/programs/change-company-culture/ Cybersecurity Training and Workforce Development CyberWyoming provides easy ways to change your company to a security aware culture including no-think training and awareness campaigns for office managers.
29 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Cybersecurity Competition for Small Businesses Small and Medium Businesses Public https://cyberwyoming.org/programs/competition/ Cybersecurity Training and Workforce Development Wyoming's Cybersecurity Competition for Small Businesses is an annual, high-touch, one-on-one, on-the-job training program that results in the winners speaking at our statewide conference. In a fun atmosphere, small businesses from massage to manufacturi
30 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Alliance Hacker's Brief Individuals Public https://cyberwyoming.org/programs/hackers-brief/ Cybersecurity Awareness The weekly Hacker's Brief, where Wyomingites report scams to alert their friends, family and neighbors, is a weekly publication for community Facebook groups, company newsletters, and Wyoming newspapers. Anyone can register to receive the Brief.
31 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Alliance Lego Attack & Defense Models Educators Public https://cyberwyoming.org/programs/legos/ Cybersecurity Education (pre-college) Wyoming teachers can order a Lego Attack and Defense Model to use in their classroom to teach computer science and cybersecurity principles.
32 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberWyoming Alliance Senior Alert Flyers Individuals (Seniors) Public https://cyberwyoming.org/programs/seniors/ Cybersecurity Awareness Using the local scam reports from the Hacker's Brief senior flyers are created on a monthly basis, to be tucked into meal delivery services to alert our most vulnerable seniors.
33 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Dashboard All Businesses, Individuals, Carriers/Communications, Content Providers, Critical Infrastructure, Financial Institutions, Governments and Intergovernmental Organizations, Governments: US State/Local/Tribal/Territorial (SLTT), Information Sharing Organizat Public https://dashboard.shadowserver.org Collaborative Defensive Operations/Information Sharing, Cybersecurity Awareness Shadowserver maintains a Public Dashboard that allows any user to explore many Internet-scale security datasets (high-level statistics only)
34 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG APWG Malicious Domain Suspension Program (AMDoS) Cybersecurity Providers, Law Enforcement Member https://ecrimeresearch.org/amdos/ Collaborative Defensive Operations/Information Sharing CIS Control 17: Incident Response Management The APWG Malicious Domain Suspension (AMDoS) system enables Accredited Interveners to submit suspected malicious domain names for investigation and suspension by Sponsoring Registrars and Top-Level Domain Registries. AMDoS orders and systematizes suspensi
35 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG Symposium on Electronic Crime Research Researchers Public https://ecrimeresearch.org/ecrime-symposium/ Research and Knowledge Development The APWG Symposium on Electronic Crime Research (APWG eCrime), founded in 2006 as the eCrime Researchers Summit, was conceived as a comprehensive, multi-disciplinary venue to present applied research into electronic crime, engaging every aspect of its evo
36 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG APWG Phishing Education Landing Page Content Providers Public https://ecrimeresearch.org/education-landing-page/ Cybersecurity awareness CIS Control 14: Security Awareness and Skills Training The Phishing Education Landing Page replaces phishing pages with a redirect that sends users to a page of online safety and security instructions when they click on phishing URLs – instead of a confusing 404 message. The APWG launched the program in 200
37 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cybercrime Support Network Fightcybercrime.org Individuals,Small and Medium Businesses Public https://fightcybercrime.org Cybercrime Victim Assistance Cybercrime Support Network provides information for individuals and small and medium businesses to recognize, report and recover from cybercrime. Cybercrime Support Network is your advocate and partner in protecting your online data and privacy.
38 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cybercrime Support Network Military & Veteran Program Individuals Public https://fightcybercrime.org/programs/milvet/ Cybercrime Victim Assistance CSN has created the Partnership to FightCybercrime, a bold new alliance of military and veteran service organizations, non-governmental organizations, corporations, foundations, and federal agencies. By collaborating with this alliance to provide relevant
39 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cybercrime Support Network Peer Support Program Individuals Public https://fightcybercrime.org/programs/peer-support/ Cybercrime Victim Assistance To support individuals impacted by romance imposter scams, Cybercrime Support Network offers a free, confidential Peer Support Program for romance scam survivors. The counselor-led sessions provide a safe virtual environment for individuals to work throug
40 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Forge Institute Cyber Summit Security Personnel Public https://forge.institute/summit Collaborative Defensive Operations/Information Sharing The Forge Cyber Summit is a groundbreaking event bringing together global leaders, innovators, and experts in the field of cybersecurity. With the goal of shaping the future of digital security, the summit provides a platform for insightful discussions, c
41 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Cybersecurity Toolkit for Elections Elections Offices/Officials Public https://gcatoolkit.org/elections/ Cyber Hygiene Implementation CIS Control 1: Inventory and Control of Enterprise Assets, CIS Control 2: Inventory and Control of Software Assets, CIS Control 3: Data Protection, CIS Control 4: Secure Configuration of Enterprise Assets and Software, CIS Control 5: Account Management, C The tools in the GCA Cybersecurity Toolkit for Elections have been selected to assist election offices and officials augment their security programs with free operational tools and guidance which support implementation of the recommendations in the EI-ISA
42 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Cybersecurity Toolkit for Individuals Individuals Public https://gcatoolkit.org/individuals/ Cyber Hygiene Implementation CIS Control 1: Inventory and Control of Enterprise Assets,CIS Control 2: Inventory and Control of Software Assets,CIS Control 4: Secure Configuration of Enterprise Assets and Software,CIS Control 6: Access Control Management,CIS Control 9: Email and Web B The GCA Cybersecurity Toolkit for Individuals provides free and effective tools to help protect individuals from cyber risks. The included free tools, services and resources focus on basic cyber hygiene to enable people to significantly reduce their risk
43 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Cybersecurity Toolkit for Journalists Journalists Public https://gcatoolkit.org/journalists/ Cyber Hygiene Implementation CIS Control 1: Inventory and Control of Enterprise Assets,CIS Control 2: Inventory and Control of Software Assets,CIS Control 4: Secure Configuration of Enterprise Assets and Software,CIS Control 6: Access Control Management,CIS Control 9: Email and Web B This GCA Cybersecurity Toolkit for Journalists empowers independent journalists, watchdogs, and small newsrooms with information and tools to protect their sources and reputation. It helps the user to assess their security posture, implement free tools, f
44 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Cybersecurity Toolkit for Mission-Based Organizations Nonprofits/Charities Public https://gcatoolkit.org/mission-based-orgs/ Cyber Hygiene Implementation CIS Control 1: Inventory and Control of Enterprise Assets,CIS Control 2: Inventory and Control of Software Assets,CIS Control 4: Secure Configuration of Enterprise Assets and Software,CIS Control 6: Access Control Management,CIS Control 9: Email and Web B The GCA Cybersecurity Toolkit for Mission-Based Organizations provides a set of free tools, guidance, and training designed to help organizations take key cybersecurity steps and be more secure.
45 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Cybersecurity Toolkit for Small Business Small and Medium Businesses Public https://gcatoolkit.org/smallbusiness/ Cyber Hygiene Implementation, Cybersecurity Awareness CIS Control 1: Inventory and Control of Enterprise Assets,CIS Control 2: Inventory and Control of Software Assets,CIS Control 4: Secure Configuration of Enterprise Assets and Software,CIS Control 6: Access Control Management,CIS Control 9: Email and Web B The GCA Cybersecurity Toolkit for Small Business provides free and effective tools to reduce cyber risk. The tools are carefully selected and organized to make it easy to find and implement cybersecurity controls that will help organizations defend themse
46 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS-RAM (Risk Assessment Method) All Businesses Public https://learn.cisecurity.org/cis-ram Cybersecurity Measurement An information security risk assessment method that helps organizations implement and assess their security posture against the CIS Critical Security Controls (CIS Controls) cybersecurity best practices.
47 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM APWG STOP. THINK. CONNECT. Cybersecurity Awareness Campaign All Businesses Public https://messagingconvention.org Cybersecurity awareness CIS Control 14: Security Awareness and Skills Training The STOP. THINK. CONNECT. program is a cybersecurity public awareness campaign of shared assets promoted by industry, NGOs and national government deployments and through MoUs with multilateral treaty organizations. STOP. THINK. CONNECT. was conceived and
48 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Open Cybersecurity Alliance STIX Shifter Developers and Development Organizations, Security Personnel Public https://opencybersecurityalliance.org/ Development of Tools and Services,Collaborative Defensive Operations/Information Sharing CIS Control 10: Malware Defenses,CIS Control 13: Network Monitoring and Defense,CIS Control 17: Incident Response Management Structured Threat Information eXpression (STIX™) is a software library and toolchain that allow SOC personnel and threat hunters to query data across many different security tools and have that data all be normalized to a common data format (the OASIS S
49 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Open Cybersecurity Alliance Kestrel Threat Hunting Language Developers and Development Organizations,Security Personnel Public https://opencybersecurityalliance.org/ Development of Tools and Services,Collaborative Defensive Operations/Information Sharing CIS Control 10: Malware Defenses,CIS Control 13: Network Monitoring and Defense,CIS Control 17: Incident Response Management Kestrel is a threat hunting language aiming to make cyber threat hunting fast by providing a layer of abstraction to build reusable, composable, and shareable hunt-flow. Kestrel sits on top of STIX Shifter and uses it to provide a full universal threat hu
50 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Open Cybersecurity Alliance Posture Attribute Collection and Evaluation (PACE) Developers and Development Organizations,Security Personnel Public https://opencybersecurityalliance.org/ Development of Tools and Services,Collaborative Defensive Operations/Information Sharing CIS Control 10: Malware Defenses,CIS Control 13: Network Monitoring and Defense,CIS Control 17: Incident Response Management Posture Attribute Collection and Evaluation (PACE) is an Open Cybersecurity Alliance (OCA) project. Posture assessment generally consists of understanding, for a given computing resource (or set of computing resources), software load, composition of that
51 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OpenSecurityTraining2 OpenSecurityTraining2 All Businesses,Governments,Individuals Public https://ost2.fyi Cybersecurity Training and Workforce Development Free online deep-technical vocational cybersecurity training
52 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Top 10 Web Developers Public https://owasp.org/Top10/A00_2021_Introduction/ Best Practices Development CIS Control 14: Security Awareness and Skills Training The OWASP Top 10 is primarily an awareness document. However, this has not stopped organizations using it as a de facto industry AppSec standard since its inception in 2003. If you want to use the OWASP Top 10 as a coding or testing standard, know that it
53 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Amass Cybersecurity Providers Public https://owasp.org/www-project-amass/ Cybersecurity Testing CIS Control 1: Inventory and Control of Enterprise Assets The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques.
54 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Application Security Verification Standard Developers and Development Organizations Public https://owasp.org/www-project-application-security-verification-standard/ Secure Development CIS Control 16: Application Software Security The OWASP Application Security Verification Standard (ASVS) Project provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development.
55 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Cheat Sheet Series Developers and Development Organizations Public https://owasp.org/www-project-cheat-sheets/ Best Practices Development CIS Control 16: Application Software Security The OWASP Cheat Sheet Series was created to provide a set of simple good practice guides for application developers and defenders to follow. Rather than focused on detailed best practices that are impractical for many developers and applications, they are
56 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP CSRFGuard Developers and Development Organizations Public https://owasp.org/www-project-csrfguard/ Cyber Hygiene Implementation CIS Control 4: Secure Configuration of Enterprise Assets and Software OWASP CSRFGuard is a library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks.
57 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP CycloneDX Developers and Development Organizations Public https://owasp.org/www-project-cyclonedx/ Best Practices Development CIS Control 2: Inventory and Control of Software Assets OWASP CycloneDX is a lightweight Bill of Materials (BOM) standard designed for use in application security contexts and supply chain component analysis.
58 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Defectdojo Developers and Development Organizations Public https://owasp.org/www-project-defectdojo/ Best Practices Development CIS Control 7: Continuous Vulnerability Management An open source vulnerability management tool that streamlines the testing process by offering templating, report generation, metrics, and baseline self-service tools.
59 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Dependency-Check Developers and Development Organizations Public https://owasp.org/www-project-dependency-check/ Best Practices Development CIS Control 7: Continuous Vulnerability Management Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project’s dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier f
60 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Dependency-Track Developers and Development Organizations Public https://owasp.org/www-project-dependency-track/ Best Practices Development CIS Control 7: Continuous Vulnerability Management Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Dependency-Track takes a unique and highly beneficial approach by leveraging the capabilities of Software Bi
61 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Juice Shop Developers and Development Organizations Public https://owasp.org/www-project-juice-shop/ Cybersecurity Education (pre-college) CIS Control 14: Security Awareness and Skills Training OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top T
62 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Mobile Application Security Developers and Development Organizations Public https://owasp.org/www-project-mobile-app-security/ Best Practices Development CIS Control 16: Application Software Security The OWASP Mobile Application Security (MAS) flagship project provides a security standard for mobile apps (OWASP MASVS), a comprehensive testing guide (OWASP MASTG) and a checklist bringing everything together. Together they provide that covers during a m
63 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP ModSecurity Core Rule Set All Businesses Public https://owasp.org/www-project-modsecurity-core-rule-set/ Cybercrime Prevention CIS Control 13: Network Monitoring and Defense The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with
64 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP OWTF Cybersecurity Providers Public https://owasp.org/www-project-owtf/ Cybersecurity Testing CIS Control 18: Penetration Testing OWTF attempts to solve the “penetration testers are never given enough time to test properly” problem, or in other words, OWTF = Test/Exploit ASAP
65 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP SAMM Developers and Development Organizations Public https://owasp.org/www-project-samm/ Secure Development CIS Control 16: Application Software Security Software Assurance Maturity Model's mission is to provide an effective and measurable way for you to analyze and improve your secure development lifecycle. SAMM supports the complete software lifecycle and is technology and process agnostic.
66 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Security Knowledge Framework Developers and Development Organizations Public https://owasp.org/www-project-security-knowledge-framework/ Secure Development CIS Control 16: Application Software Security The OWASP Security Knowledge Framework is an open source web application that explains secure coding principles in multiple programming languages. The goal of OWASP-SKF is to help you learn and integrate security by design in your software development and
67 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Security Shepherd Developers and Development Organizations Public https://owasp.org/www-project-security-shepherd/ Secure Development CIS Control 16: Application Software Security OWASP Security Shepherd is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or exp
68 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP Web Security Testing Guide Cybersecurity Providers Public https://owasp.org/www-project-web-security-testing-guide/ Cybersecurity Testing CIS Control 18: Penetration Testing The WSTG is a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetrati
69 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM OWASP OWASP ZAP Cybersecurity Providers Public https://owasp.org/www-project-zap/ Cybersecurity Testing CIS Control 18: Penetration Testing The worlds most widely used web app scanner. Free and open source. Actively maintained by a dedicated international team of volunteers.
70 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SAFECode Sofware Supply Chain Security All Businesses,Governments,Security Personnel Public https://safecode.org/blog/untangling-supply-chain-security/ Cybersecurity Certification,Best Practices Sharing/Deployment,Secure Development CIS Control 15: Service Provider Management,CIS Control 16: Application Software Security As global technology leaders, SAFECode members are frequently drawn into discussions of supply chain security with customers and regulators, and have a key role to play in managing the security of the supply chains used to deliver commercial products. Thi
71 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SAFECode Software Security for Buyers and Government All Businesses,Governments,Security Personnel Public https://safecode.org/category/resource-buyers-and-government/ Best Practices Sharing/Deployment,Cyber Hygiene Implementation CIS Control 16: Application Software Security There is no “secret sauce” for creating secure software. It is achieved through the successful execution of a holistic, scalable assurance process that should be transparent to those seeking to evaluate the security of the software they use. SAFECode
72 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SAFECode Managing a Software Security Program Developers and Development Organizations Public https://safecode.org/category/resource-managing-software-security/ Secure Development,Best Practices Sharing/Deployment CIS Control 16: Application Software Security A mature secure development lifecycle is more than just a checklist of secure development practices. It also encompasses all aspects of a healthy business process, such as program management, stakeholder engagement, deployment planning and measurement. SA
73 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SAFECode Secure Development Practices Developers and Development Organizations,Web Developers Public https://safecode.org/category/resource-secure-development-practices/ Secure Development,Best Practices Sharing/Deployment CIS Control 16: Application Software Security Effective technology practices are the foundation of any secure development process. From threat modeling to fuzzing, SAFECode members share their insights and experiences around implementing security practices across all stages of the software developmen
74 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SAFECode Training and Culture Development Developers and Development Organizations Public https://safecode.org/category/resource-training-and-culture/ Secure Development,Best Practices Sharing/Deployment,Cybersecurity Training and Workforce Development CIS Control 16: Application Software Security Developing a software security program without consideration for the people who create the software is an effort doomed to fail. Creating and fostering a security-supportive culture is essential to successfully scaling a software security program. This In
75 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SecureTheVillage Executive and Board Leadership Security and Privacy Program Small and Medium Businesses,Nonprofits/Charities Public https://securethevillage.org/ Best Practices Sharing/Deployment, Cybersecurity Awareness Through a systemically-integrated series of information security and privacy programs, SecureTheVillage provides education, support, and advocacy to the bottom half of the cybersecurity divide: mid-size & smaller organizations, and families & individuals.
76 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SecureTheVillage IT Security Management Program MSPs and MSSPs Public https://securethevillage.org/ Best Practices Sharing/Deployment, Collaborative Defensive Operations/Information Sharing Through a systemically-integrated series of information security and privacy programs, SecureTheVillage provides education, support, and advocacy to the bottom half of the cybersecurity divide: mid-size & smaller organizations, and families & individuals.
77 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SecureTheVillage Financial Services Cybersecurity Program Financial Institutions Public https://securethevillage.org/ Cybercrime Prevention Through a systemically-integrated series of information security and privacy programs, SecureTheVillage provides education, support, and advocacy to the bottom half of the cybersecurity divide: mid-size & smaller organizations, and families & individuals.
78 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SecureTheVillage Cybersecurity Workforce Program All Businesses, Nonprofits/Charities Public https://securethevillage.org/ Cybersecurity Training and Workforce Development,Diversity and Inclusion Through a systemically-integrated series of information security and privacy programs, SecureTheVillage provides education, support, and advocacy to the bottom half of the cybersecurity divide: mid-size & smaller organizations, and families & individuals.
79 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM SecureTheVillage Community Engagement Program Individuals Public https://securethevillage.org/ Cyber Hygiene Implementation, Cybersecurity Awareness, Cybercrime Victim Assistance, Cybercrime Prevention Through a systemically-integrated series of information security and privacy programs, SecureTheVillage provides education, support, and advocacy to the bottom half of the cybersecurity divide: mid-size & smaller organizations, and families & individuals.
80 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Institute for Security and Technology Blueprint for Ransomware Defense Small and Medium Businesses Public https://securityandtechnology.org/ransomwaretaskforce/blueprint-for-ransomware-defense/ Best Practices Sharing/Deployment The Blueprint for Ransomware Defense represents a set of foundational and actionable Safeguards, aimed at small- and medium-sized enterprises (SMEs).They’re based on a curated subset of the globally recognized CIS Critical Security Controls. It is writt
81 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Consumer Reports Security Planner Individuals Public https://securityplanner.consumerreports.org/ Cyber Hygiene Implementation CIS Control 3: Data Protection,CIS Control 5: Account Management,CIS Control 6: Access Control Management,CIS Control 7: Continuous Vulnerability Management,CIS Control 9: Email and Web Browser Protections,CIS Control 10: Malware Defenses,CIS Control 14: Security Planner is a free, easy-to-use guide to staying safer online. It provides personalized recommendations and expert advice on topics such as keeping social media accounts from being hacked, locking down devices like smartphones or home security cam
82 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Sightline Security Cybersecurity consulting services for nonprofits Nonprofits/Charities Public https://sightlinesecurity.org/ Best Practices Sharing/Deployment Sightline provides adhoc consulting and project based services for data mapping, social media use and policies, and training.
83 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Sightline Security [cybersecurity] KickStart for Nonprofits Nonprofits/Charities Public https://sightlinesecurity.org/kickstart Best Practices Development Cybersecurity assessments designed for nonprofits rooted in the NIST CSF includes assessment questions, outcomes and roadmap report, and training.
84 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Sightline Security Member Forum for Nonprofits Nonprofits/Charities Public https://sightlinesecurity.org/member-forum Cybersecurity Awareness A free cybersecurity community private for nonprofits only (no vendors) where they gain knowledge about current events (as well as security reports), do early stage assessments and participate in learning and discussion groups with other nonprofits.
85 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CyberGreen Institute Global data for open services ISPs,Governments,National CERTs Public https://stats.cybergreen.net Cyber Hygiene Implementation,Cybercrime Prevention,Cybersecurity Measurement CIS Control 12: Network Infrastructure Management,CIS Control 15: Service Provider Management Weekly, global data and statistics related to 5 open services at the country and ASN levels. Allows policymakers, nat'l CS agencies, CSIRTs, and other network operators assess levels and do cross comparisons.
86 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cybersecurity Alliance CyberSecure My Business Small and Medium Businesses Public https://staysafeonline.org/programs/cybersecure-my-business/ Cybercrime Prevention,Best Practices Sharing/Deployment,Cyber Hygiene Implementation CIS Control 14: Security Awareness and Skills Training CybersecureMyBusiness is a national program,CyberSecure My Business™ is a national program helping small and medium-sized businesses (SMBs) learn to be safer and more secure online. The program is a series of in-person, highly interactive and easy-to-un
87 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cybersecurity Alliance Cybersecurity Awareness Month Individuals,All Businesses,Governments Public https://staysafeonline.org/programs/cybersecurity-awareness-month/ Cybersecurity Education (pre-college),Cybersecurity Training and Workforce Development,Cyber Hygiene Implementation,Cybersecurity Awareness CIS Control 14: Security Awareness and Skills Training Cybersecurity Awareness Month, every October, is a collaboration between government and private industry to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime. The month is dedicated to
88 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cybersecurity Alliance Convene Regional Conferences Security Personnel Public https://www.staysafeonline.org/convene Cybersecurity Training and Workforce Development,Cybersecurity Awareness,Best Practices Sharing/Deployment CIS Control 14: Security Awareness and Skills Training Elevate your cybersecurity training and awareness programs and learn from the experts at Convene. Since 2001, The National Cybersecurity Alliance has created educational resources and campaigns to help training and awareness professionals lead the charge
89 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cybersecurity Alliance Career + Education Library Individuals Public https://staysafeonline.org/resources/career-education/ Cybersecurity Education (pre-college),Cybersecurity Training and Workforce Development CIS Control 14: Security Awareness and Skills Training The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world. We advocate for the safe use of all technology and educate everyone on how best to protect ourselves, our families, and our organi
90 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Canadian Cyber Threat Exchange (CCTX) Best Practices Development/Sharing/Deployment All Businesses Member https://www.cctx.ca Collaborative Defensive Operations/Information Sharing The CCTX is a not for profit organization created by the private sector that enables members to reduce financial and operational risk through access to relevant and actionable threat intelligence, best practices and information. The cross-sector collabor
91 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Canadian Cyber Threat Exchange (CCTX) Collaborative Information Sharing All Businesses Member https://www.cctx.ca Collaborative Defensive Operations/Information Sharing The CCTX is a not for profit organization that enables members to reduce financial and operational risk through access to relevant and actionable threat intelligence, best practices and information. The cross-sector collaboration amongst member organizat
92 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Canadian Cyber Threat Exchange (CCTX) Cybersecurity Awareness All Businesses, Individuals Public https://www.cctx.ca Cybersecurity Awareness CCTX provides podcasts, presentations and research to the general public to raise awareness of the cyber risk and the critical role that collaboration plays in building resiliency.
93 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Canadian Cyber Threat Exchange (CCTX) Cross Sector Threat Intelligence Sharing All Businesses Member https://www.cctx.ca Collaborative Defensive Operations/Information Sharing The CCTX is a not for profit organization that enables members to reduce financial and operational risk through access to relevant and actionable threat intelligence, best practices and information. The cross-sector collaboration amongst member organizat
94 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Canadian Cyber Threat Exchange (CCTX) Annual Symposium and Webinars Members, All Businesses Member https://www.cctx.ca Cybersecurity Awareness, Research and Knowledge Development CCTX Annual Symposium is a member only learning and networking opportunity, enabling members to connect, build relationships and earn CPE credits. The Technical Webinars are an opportunity for leading edge technology companies and solution providers to e
95 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS Benchmarks All Businesses Public https://www.cisecurity.org/cis-benchmarks/ Best Practices Sharing/Deployment 100+ vendor-neutral Security configuration guides for IT components
96 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS Hardened Images All Businesses Public https://www.cisecurity.org/cis-benchmarks/ Best Practices Sharing/Deployment Virtual images hardened to CIS Benchmarks on cloud service provider marketplaces
97 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS SecureSuite All Businesses Member https://www.cisecurity.org/cis-securesuite Best Practices Sharing/Deployment Start secure and stay secure with integrated cybersecurity tools and resources designed to help you implement CIS Benchmarks and CIS Controls.
98 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS Critical Security Controls All Businesses Public https://www.cisecurity.org/controls Best Practices Sharing/Deployment Foundational set of prioritized security controls
99 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security MS-ISAC Operations Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/isac Collaborative Defensive Operations/Information Sharing Improve the overall cybersecurity posture of U.S. State, Local, Tribal, and Territorial (SLTT) government organizations through coordination, collaboration, cooperation, and increased communication.
100 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security EI-ISAC Operations Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/isac Collaborative Defensive Operations/Information Sharing Works closely with election officials and security and technology personnel to provide the highest standards of election security, including incident response and remediation through our team of cyber experts. Our 24x7x365 Security Operations Center (SOC)
101 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security MDBR (Malicious Domain Blocking & Reporting) Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/ms-isac/services/mdbr Collaborative Defensive Operations/Information Sharing A cloud-based solution that uses recursive DNS technology to prevent IT systems from connecting to harmful web domains, helping SLTTs limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the v
102 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security ISAC Albert Network Monitoring (IDS) Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/services/albert-network-monitoring Collaborative Defensive Operations/Information Sharing 24x7x365 managed and monitored Intrusion Detection System (IDS) built to detect SLTT-specific threats.
103 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS CyberMarket Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/services/cis-cybermarket Best Practices Sharing/Deployment Collaborative purchasing program that serves U.S. State, Local, Tribal, and Territorial (SLTT) government organizations, nonprofit entities, and public health and education institutions to improve cybersecurity through cost-effective group procurement.
104 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security MS-ISAC Endpoint Security Services Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/services/endpoint-security-services Collaborative Defensive Operations/Information Sharing Offers device-level protection and response to strengthen an organization’s cybersecurity program, and provides active defense against both known (signature-based) and unknown (behavioral-based) malicious activity.
105 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security MS-ISAC Managed Security Services Governments: US State/Local/Tribal/Territorial (SLTT) Member https://www.cisecurity.org/services/managed-security-services-mss Collaborative Defensive Operations/Information Sharing Monitor SLTT devices for signs of malicious or anomalous activity, eliminate false positives, and escalate only actionable items as an alert.
106 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CREST Simulated Target Attack & Response,Simulated Target Attack & Response (RedTeam) Cybersecurity Providers,All Businesses Public https://www.crest-approved.org/certification-careers/crest-certifications/ Cybersecurity Certification CIS Control 14: Security Awareness and Skills Training,CIS Control 18: Penetration Testing
107 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CREST Penetration Testing Cybersecurity Providers,All Businesses Public https://www.crest-approved.org/certification-careers/crest-certifications/ Cybersecurity Certification CIS Control 14: Security Awareness and Skills Training,CIS Control 18: Penetration Testing
108 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CREST Incident Response Cybersecurity Providers,All Businesses Public https://www.crest-approved.org/certification-careers/crest-certifications/ Cybersecurity Certification CIS Control 17: Incident Response Management
109 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CREST Security Operations Centers Cybersecurity Providers,All Businesses Public https://www.crest-approved.org/membership/membership-benefits/ Standards CIS Control 15: Service Provider Management
110 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Forge Institute Forge Academy Individuals Public https://www.forge.institute/academy Cybersecurity Training and Workforce Development Developing and delivering top tier training programs based on the needs of our public and private sector partners to forge new talent. Curriculum is built by battle proven SME's, developed in a partnership with Chief Information Officers / Chief Informati
111 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Forge Institute Arkansas Cyber Defense Center Small and Medium Businesses Public https://www.forge.institute/news/arkansas-cyber-defense-center-receives-major-boost-from-statewide-partnerships Collaborative Defensive Operations/Information Sharing The ACDC helps small businesses and entrepreneurs boost their cyber defense readiness and cope with potentially devastating cyber attacks.
112 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Forge Institute Emerging Threat Center All Businesses Public https://www.forge.institute/etc Collaborative Defensive Operations/Information Sharing Serving as a next-gen private-public fusion cell, the ETC offers a trusted nexus for security experts to join forces in safeguarding crucial infrastructures.
113 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Forge Institute Forge Fellowship Military Personnel Member https://www.forge.institute/forge-fellowship Cybersecurity Training and Workforce Development The Forge Fellowship is a unique opportunity for qualified individuals participating in the DoD SkillBridge program to gain hands-on work-based learning experiences, access to reskill/upskill courses in the Forge Academy, and develop relationships to supp
114 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Anti Scam Alliance Check My Link Consumers Public https://www.gasa.org/ Allow consumers to check if a link is phishing, malware or a scam We offer an easy to set-up website in your own colors, fonts, logo and design to help consumers check if a website is legit or a possible scam, phishing or malware site. Examples include check.getsafeonline.org in the UK, check.veiliginternetten.nl in the
115 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance AIDE/IoT ISPs,Developers and Development Organizations,National CERTs Member https://www.globalcyberalliance.org/aide/ Cybercrime Prevention,Best Practices Sharing/Deployment At the core of AIDE is a database of 4 years' worth of global honeyfarm data. The current focus is on using the data to identify pockets of criminality and encourage cleanup in source networks. The ultimate goal is to use this sort of intelligence to info
116 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance DMARC Setup Guide & Resources All Businesses Public https://globalcyberalliance.org/work/dmarc/ Cyber Hygiene Implementation CIS Control 9: Email and Web Browser Protections GCA assembled these resources about DMARC and a step-by-step DMARC Setup Guide, available in 18 languages, to help organizations of all sizes implement DMARC.
117 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance Domain Trust Carriers/Communications, Critical Infrastructure, Cybersecurity Providers, Information Sharing Organizations, ISPs, National CERTs, Registrars and Registries, Security Operations Entities Member https://www.globalcyberalliance.org/domain-trust/ Cybercrime Prevention,Collaborative Defensive Operations/Information Sharing,Best Practices Sharing/Deployment GCA has convened a community of organizations across the globe, working together and driven by data, to help increase the integrity of the Internet by decreasing the number and impact of domains registered for cybercrime and other malicious purposes. This
118 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Resilience Federation Business Resilience Council All Businesses Member https://www.grf.org/ Collaborative Defensive Operations/Information Sharing Global Resilience Federation (GRF) is a non-profit hub and integrator for support, analysis, and cross-sector intelligence exchange among information sharing and analysis centers (ISACs), organizations (ISAOs), and computer emergency readiness/response te
119 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CMMC Professionals Network (CPN) CPN LinkedIn Group Security Personnel Public https://www.linkedin.com/groups/14523710/ Cybersecurity Training and Workforce Development An inclusive online community for CPN members to network, share insights, and stay updated on the latest CMMC news. It serves as a central hub for peer-to-peer support and professional dialogue.
120 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Global Cyber Alliance MANRS ISPs, Information Sharing Organizations, National CERTs, Registrars and Registries Member https://www.manrs.org/ Cybercrime Prevention Mutually Agreed Norms for Routing Security (MANRS) is a global initiative that helps reduce the most common routing threats. In less than a decade, MANRS has grown from nine original operators to a community of more than 1,000 participants ranging from sm
121 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cyber-Forensics and Training Alliance Internet Fraud Alert (IFA) All Businesses Public https://www.ncfta.net Cyber Hygiene Implementation CIS Control 6: Access Control Management IFA is a public service which alerts on compromised credentials recovered online. Stolen credentials include credit/debit cards, email accounts with passwords, and user login accounts with passwords. Credentials are recovered daily by cyber-research analy
122 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cyber-Forensics and Training Alliance Cyfin Security Operations Entities Member https://www.ncfta.net Cybercrime Prevention,Collaborative Defensive Operations/Information Sharing CyFin is an NCFTA Member Program that facilitates financial institutions and law enforcement to share information and identify, validate, mitigate, and disrupt cyber-enabled financial crimes and cyber-threats to the financial services industry.
123 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cyber-Forensics and Training Alliance Malware Lab Law Enforcement,Security Operations Entities,MSPs and MSSPs Member https://www.ncfta.net Collaborative Defensive Operations/Information Sharing,Cybercrime Prevention CIS Control 10: Malware Defenses Through NCFTA's onsite Malware Lab, teams research, analyze, and provide intelligence on malware, ransomware and related technical cyber threats. Three outbound "feeds" are generated consisting of Long Term Infection analysis, live Malicious Threat Indica
124 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM National Cyber-Forensics and Training Alliance Brand and Consumer Protection Program Law Enforcement,All Businesses Member https://www.ncfta.net Collaborative Defensive Operations/Information Sharing,Cybercrime Prevention BCP is an NCFTA Member Program that provides industry and law enforcement with actionable intelligence on cyber-enabled illegal sale and distribution of counterfeit goods and intellectual property including; fraud related to ecommerce transactions, pharma
125 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Registrar of Last Resort (ROLR) Law Enforcement,National CERTs Public https://www.rolr.eu/ Collaborative Defensive Operations/Information Sharing Shadowserver operates ROLR, a registrar of malicious domains - enabling registration of malicious domains that need to be blocked or sinkholed, thus ensuring protection of users (Public)
126 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Honeynet-as-a-Service National CERTs,Nonprofits/Charities,Cybersecurity Providers Member https://www.shadowserver.org/contact/ Collaborative Defensive Operations/Information Sharing Ability to operate honeypot platforms for other entities
127 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver SSPT,Special Projects Team (SSPT) Law Enforcement,National CERTs,Cybersecurity Providers Member https://www.shadowserver.org/contact/ Collaborative Defensive Operations/Information Sharing Shadowserver maintains a team that collaborates with leading LE agencies worldwide on large scale malware, botnet and ransomware cases.
128 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Cybersecurity training for CSIRTs National CERTs,Governments,Law Enforcement Member https://www.shadowserver.org/contact/ Collaborative Defensive Operations/Information Sharing,Cybersecurity Awareness,Cybersecurity Training and Workforce Development Shadowserver conducts trainings for National CSIRTs, Law Enforcement, Government and others on cybersecurity issues as seen in Shadowserver dataset and on how to use Shadowserver data.
129 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Geo-ip/ASN/lookup service All Businesses Public https://www.shadowserver.org/what-we-do/network-reporting/api-asn-and-network-queries/ Collaborative Defensive Operations/Information Sharing Shadowserver maintains a free IP/ASN lookup service for the community.
130 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Malicious hash lookup service National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/api-research/ Collaborative Defensive Operations/Information Sharing Shadowserver maintains a free malicious hash lookup service for the (vetted) community.
131 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver SSL/TLS certificate collection National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/api-scan-ssl/ Collaborative Defensive Operations/Information Sharing Shadowserver collects over 40 million SSL certificates per day, enabling tracking of threat actors and their infra that use SSL certificates.
132 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Trusted program lookup service National CERTs,Security Operations Entities,All Businesses Public https://www.shadowserver.org/what-we-do/network-reporting/api-trusted-programs-query/ Collaborative Defensive Operations/Information Sharing Shadowserver maintains a trusted hash lookup service for the community.
133 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Malware Project All Businesses, National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/get-reports Collaborative Defensive Operations/Information Sharing Malware collection of over 1.7 billion unique samples by hash, over 1 million collected daily (unique by hash). Sample exchange with industry/CSIRTs/researchers.
134 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Sandbox Project All Businesses, National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/get-reports Collaborative Defensive Operations/Information Sharing Large scale sandboxing of malware, YARA rule development and classification of malware. Over 200 physical and 2000 virtual sandboxes running at one time
135 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Honeynet Project All Businesses, National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/get-reports Collaborative Defensive Operations/Information Sharing Large scale deployments (over 2000) IoT, Web, ICS and other honeypots (7 types) in over 90 countries worldwide. Presence in over 400 datacentre locations worldwide. Tracking new exploits and common vulnerabilities daily (currently over 200 total). Any org
136 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Sinkholing Project All Businesses, National CERTs Public https://www.shadowserver.org/what-we-do/network-reporting/get-reports Collaborative Defensive Operations/Information Sharing Shadowserver sinkholes over 400 malware families and malware variants. Any organization that has a responsibility for a network can subscribe for free to this data for their network.
137 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Daily threat intelligence feeds All Businesses, National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/get-reports/ Collaborative Defensive Operations/Information Sharing,Cybercrime Prevention,Cyber Hygiene Implementation Shadowserver is the world's largest provider of free threat intelligence, sharing billions of security events daily with 201 National CSIRTs in 175 countries and territories, and over 7000+ organizations (government entities, ISPs, hosting providers, CSPs
138 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Shadowserver Scanning Project All Businesses, National CERTs Member https://www.shadowserver.org/what-we-do/network-reporting/get-reports/ Collaborative Defensive Operations/Information Sharing Daily scanning of entire IPv4 space for over 100 services, plus 10 IPv6 services (latter based on hitlists). Overview of external exposed services worldwide since 2014. Remote fingerprinting of IoT and other devices, with over 1200+ fingerprinting rules c
139 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM CMMC Professionals Network (CPN) CMMC Roundtable Security Personnel Public https://www.youtube.com/playlist?list=PLTdwZoFSG4osMsEgDMCO6N65WwUCl-565 Cybersecurity Training and Workforce Development Monthly open mic sessions and town hall recaps where members can engage in open discussions with CMMC experts. These sessions provide a platform for sharing experiences, asking questions, and gaining valuable insights into the evolving CMMC ecosystem.
140 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Cyber Readiness Institute Incident Response Plan Small and Medium Businesses Public https://cyberreadinessinstitute.org/resource/incident-response-plan/ Best Practices Development Establishing cyber readiness practices and policies helps to reduce risk, but it’s important to assume that our company is likely to have to deal with a security incident at some point that could impact business operations. Trying to determine how to re
141 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS-CAT (Controls Assessment Tool) All Businesses Public https://learn.cisecurity.org/cis-cat-lite Cybersecurity Measurement A configuration assessment tool that checks conformance to the recommendations in the CIS Benchmarks. Leveraging the CIS-CAT Pro Dashboard component, users can view conformance to best practices and evaluate compliance scores over time.
142 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CIS-CAT Pro (Controls Assessment Tool) All Businesses Member https://www.cisecurity.org/cybersecurity-tools/cis-cat-pro Cybersecurity Measurement A configuration assessment tool that checks conformance to the recommendations in the CIS Benchmarks. Leveraging the CIS-CAT Pro Dashboard component, users can view conformance to best practices and evaluate compliance scores over time.
143 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CSAT (Controls Self-Assessment Tool, hosted by CIS) All Businesses Public https://www.cisecurity.org/insights/blog/cis-csat-free-tool-assessing-implementation-of-cis-controls Cybersecurity Measurement A hosted (by CIS) CIS Controls self-assessment tool that enables you to conduct, track, and assess implementation of the Controls.
144 cloudsecurityalliance 08/12/2025 12:21 PM cloudsecurityalliance 08/12/2025 12:21 PM Center for Internet Security CSAT-Pro (Controls Self-Assessment Tool) All Businesses Member https://www.cisecurity.org/insights/blog/cis-csat-pro-v1-7 Cybersecurity Measurement An on-premises CIS Controls self-assessment tool that enables you to conduct, track, and assess implementation of the Controls.
Member Nonprofit Project or Solution Name Audience Benefit For Subject/Control Area Optional: Control Areas