[Skip to main content](#main)
**Official websites use .gov**
A **.gov** website belongs to an official government organization in the United States.
**Secure .gov websites use HTTPS**
A **lock** (LockA locked padlock) or **https://** means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
[Free Cyber Services](/resources-tools/resources/free-cybersecurity-services-and-tools "Free Cyber Services")[Secure by design](/securebydesign) [Secure Our World](/node/18883)[Shields Up](/node/8056)[Report A Cyber Issue](/report)
Share:
[](https://www.facebook.com/sharer/sharer.php?u=https://www.cisa.gov/node/16104&title=Home%20Page "Share to Facebook")[](https://twitter.com/intent/tweet?text=Home%20Page+https://www.cisa.gov/node/16104 "Share to X")[](https://www.linkedin.com/sharing/share-offsite/?url=https://www.cisa.gov/node/16104 "Share to Linkedin")[](mailto:?subject=Home%20Page&body=https://www.cisa.gov/node/16104 "Share to Email")
slide 1 of 6
### Active Assailant Emergency Action Plan Template and Instructional Guide
Provide organizations and venue operators with tangible guidance to assist users with developing a comprehensive and implementable emergency action plan (EAP).
[Learn More](/resources-tools/resources/active-shooter-emergency-action-plan-product-suite)
### Mitigation Strategies for Edge Devices: Executive Guidance
Foreign adversaries routinely exploit software vulnerabilities in network edge devices. With U.S. and international partners, we released strategies and guides to help organizations protect their network edge devices and appliances.
[Read the Guidance](/resources-tools/resources/guidance-and-strategies-protect-network-edge-devices)
### Threat Actors Chained Vulnerabilities in Ivanti Cloud Service Applications
Read recommended actions and mitigations to detect and protect against exploitation of Ivanti vulnerabilities, CVE-2024-8963, CVE-2024-9379, CVE-2024-8190 and CVE-2024-9380.
[Read the Advisory](/news-events/cybersecurity-advisories/aa25-022a)
### Unlocking Vulnrichment: Enriching CVE Data
In today’s fast-paced cybersecurity landscape, staying ahead of vulnerabilities is a daily race against time. Every day, dozens to hundreds of new Common Vulnerabilities and Exposures are published, many of which affect critical systems.
[Read the Blog](/news-events/news/unlocking-vulnrichment-enriching-cve-data)
### Product Security Bad Practices Version 2
For software manufacturers who produce software used in service of critical infrastructure or national critical functions (NCFs). This revised joint guide includes feedback from public comment period in 2024.
[Read the Guide](/resources-tools/resources/product-security-bad-practices)
### Closing the Software Understanding Gap
Read how we can help close the gap and secure our infrastructure with a deep, scalable understanding of software-controlled systems, including AI-systems.
[Read the Report](/resources-tools/resources/closing-software-understanding-gap)
News Updates
------------
Mar 12, 2025
Press Release
### [Statement on CISA's Red Team](/news-events/news/statement-cisas-red-team)
Jan 21, 2025
Blog
### [Unlocking Vulnrichment: Enriching CVE Data](/news-events/news/unlocking-vulnrichment-enriching-cve-data)
Jan 16, 2025
Press Release
### [CISA Calls For Action to Close the Software Understanding Gap](/news-events/news/cisa-calls-action-close-software-understanding-gap)
Jan 10, 2025
Blog
### [CISA Through the Years: Policy and Impact](/news-events/news/cisa-through-years-policy-and-impact)
Jan 08, 2025
Blog
### [Supporting Safe and Secure K-12 Schools](/news-events/news/supporting-safe-and-secure-k-12-schools)
[View More News](/news-events/news)
Latest Operational Information
------------------------------
Mar 13, 2025
Alert
### [CISA Releases Thirteen Industrial Control Systems Advisories](/news-events/alerts/2025/03/13/cisa-releases-thirteen-industrial-control-systems-advisories)
Mar 13, 2025
ICS Medical Advisory | ICSMA-25-072-01
### [Philips Intellispace Cardiovascular (ISCV)](/news-events/ics-medical-advisories/icsma-25-072-01)
Mar 13, 2025
ICS Advisory | ICSA-25-072-12
### [Sungrow iSolarCloud Android App WiNet Firmware](/news-events/ics-advisories/icsa-25-072-12)
Mar 13, 2025
ICS Advisory | ICSA-25-072-11
### [Siemens SIMATIC IPC Family, ITP1000, and Field PGs](/news-events/ics-advisories/icsa-25-072-11)
Mar 13, 2025
ICS Advisory | ICSA-25-072-10
### [Siemens SINEMA Remote Connect Client](/news-events/ics-advisories/icsa-25-072-10)
[View All Alerts & Advisories](/news-events/cybersecurity-advisories) [Subscribe to Updates (link is external)](https://public.govdelivery.com/accounts/USDHSCISA/subscriber/new?qsp=CODE_RED)
How can we help?
----------------
[All Audiences](/audiences)
### [Find Help Locally](/audiences/find-help-locally)
[Contact your Region](/about/regions "Contact your Region")
[Assist Visits](/resources-tools/services/assist-visits "Assist Visits")
[Protected Critical Infrastructure Information](/resources-tools/programs/protected-critical-infrastructure-information-pcii-program "Protected Critical Infrastructure Information")
### [Industry](/topics/industry)
[Secure by Design](/securebydesign "Secure by Design")
[Information Sharing: A Vital Resource](/topics/cyber-threats-and-advisories/information-sharing/information-sharing-vital-resource "Information Sharing: A Vital Resource")
[PCII Program modernized](/news-events/articles/cisa-publishes-technical-rule-update-protected-critical-infrastructure "Protected Critical Infrastructure Information (PCII) Program modernized")
[Joint Cyber Defense Collaborative expands](/news-events/articles/cisa-expands-joint-cyber-defense-collaborative-include-industrial-control "Joint Cyber Defense Collaborative expands")
### [Small and Medium Businesses](/topics/small-and-medium-businesses)
[Cyber guidance for small businesses](/cyber-guidance-small-businesses "Cyber guidance for small businesses")
[Supplementing passwords](/MFA "Supplementing passwords")
[Doing business with CISA](/doing-business-cisa "Doing business with CISA")
### [Educational Institutions](/topics/educational-institutions)
[School Safety](/topics/physical-security/school-safety)
[Cybersecurity for K-12](/K12Cybersecurity "K-12 Cybersecurity")
[K-12 School Security Product Suite](/k-12-school-security-guide-product-suite)
[Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats](/protecting-our-future-cybersecurity-k-12 "Protecting Our Future")
[All Audiences](/audiences)
JCDC unifies cyber defenders from organizations worldwide. This team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.
[JCDC](/topics/partnerships-and-collaboration/joint-cyber-defense-collaborative)
StopRansomware.gov is the U.S. Government's official one-stop location for resources to tackle ransomware more effectively.
[STOPRANSOMWARE](/stopransomware)
SAFECOM works to improve emergency communications interoperability across local, regional, tribal, state, territorial, international borders, and with federal government entities.
[SAFECOM](/safecom)
Additional CISA Resources
-------------------------
### [CISA’s Federal Cyber Defense Skilling Academy](/node/16269)
CISA’s Federal Cyber Defense Skilling Academy provides full-time federal employees an opportunity to focus on professional growth through an intense, full-time, three-month accelerated training program.
### [CISA Events](/news-events/events)
CISA hosts and participates in events throughout the year to engage stakeholders, seek research partners, and communicate with the public to help protect the homeland.
### [CISA Services Catalog](/resources-tools/services)
A single resource that provides you with access to information on services across CISA’s mission areas.
### [CISA Training](/resources-tools/training)
As part of our continuing mission to reduce cybersecurity and physical security risk, CISA provides a robust offering of cybersecurity and critical infrastructure training opportunities.