This document is the updated Manageable Network Plan Teaser providing highlights of the Manageable Network Plan.

02 November 2016 2 page(s) pdf

This is a technical document/manual for use by DoD, government, and industry ICS owners and operators. It provides methodologies to collect and analyze host and network data on ICS networks in  order to baseline and secure these infrastructures.

01 November 2016 99 page(s) pdf

Web browsers must be updated on a frequent basis in order to resist highly-scalable, low cost attacks. This document provides a per-browser approach for administrators to keep each major browser updated. Technical details provided in this guide are subject to change as operating systems and browser software evolve, but the overall strategies are likely to remain consistent.

14 October 2016 6 page(s) pdf

Defenders must raise the cost for an adversary to obtain high-value domain credentials after an initial intrusion. One such way is through a dedicated administrator workstation for performing highly-privileged tasks subsequently referred to as a Secure Administrator Workstation (SAW). SAWs address credential theft techniques by limiting highly-privileged credentials to specific hardened systems. This guide will help DoD administrators configure a...

27 July 2016 8 page(s) pdf

This document serves as an appendix to the “Seven Steps to Defend Industrial Control Systems” document, providing additional conceptual-level guidance on implementing application whitelisting.
Application Whitelisting (AWL) can detect and prevent attempted execution of malware uploaded by adversaries. The static nature of some industrial control system (ICS) components, such as database servers and human-machine interfaces, makes these ideal candidates to...

01 April 2016 7 page(s) pdf

This document provides a high-level description of new security features in Windows 10 for senior technology leaders. It describes how these features disrupt attacker tools, techniques, and procedures used against National Security Systems today.

24 February 2016 2 page(s) pdf

This document outlines several techniques that utilize functionality available within the Microsoft Windows operating system to establish an operational foundation ('position zero') of ICS/SCADA servers and workstations.

09 February 2016 24 page(s) pdf

Securing Industrial Control Systems (ICSs) against the modern threat requires well-planned and well-implemented strategies. This paper presents seven steps that can be implemented today to counter common exploitable weaknesses in "as-built" control systems.

23 December 2015 7 page(s) pdf

This document provides guidance on configuring Adobe Reader DC in a Windows environment. Adobe Reader DC is the latest version of Adobe Reader and replaces Adobe Reader XI. The “DC” in the title stands for “Document Cloud” which refers to the cloud based features introduced in Adobe Reader DC.

02 December 2015 13 page(s) pdf

A Manageable Network Plan is a series of milestones that can take an unmanageable, insecure network and make it more defensible, more secure and more manageable. Because the plan is intended to be a long-term solution, implementing milestones may require additional resources and time. Once manageable, your network can be secured more efficiently and effectively.

01 December 2015 58 page(s) pdf