Continuous Diagnostics and Mitigation (CDM) Program
Related topics:
The Continuous Diagnostics and Mitigation (CDM) Program provides a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program delivers cybersecurity tools, integration services, and dashboards that help participating agencies improve their security posture by:
- Reducing agency threat surface
- Increasing visibility into the federal cybersecurity posture
- Improving federal cybersecurity response capabilities
- Streamlining Federal Information Security Modernization Act (FISMA) reporting
The CDM Program was developed in 2012 to support government-wide and agency-specific efforts to provide risk-based, consistent, and cost-effective cybersecurity solutions to protect federal civilian networks across all organizational tiers.
To learn more, read the CDM Program Overview fact sheet (pdf, 308KB).
Video Overview
Learn more about CDM’s capabilities and how the program works.
CDM Solutions and Success Stories
Evolving CDM to Transform Government Cybersecurity Operations and Enable CISA’s Approach to Interactive Cyber Defense
JUL 21, 2023
| BLOG
Read more from Associate Director Michael Duffy about the CDM Program’s journey during its first 10 years and learn more about how the program contributes to the Federal Government’s cyber defenses.
CDM Solutions for Federal Agencies
The CDM Program assists agencies to better understand and strengthen their network defense.
CDM Shared Services Success Story
PUBLICATION
Learn how the CDM Shared Services Platform (SSP) provides 75 eligible non-Chief Financial Officers (CFO) Act agencies with access to CDM cyber capabilities.
Department of Agriculture Success Story
PUBLICATION
Learn how the Department of Agriculture (USDA) used a CDM Identity and Access Management (IDAM) tool to support their goal of centralizing the client IDAM services across the department into its Client Experience Center.
CDM Capabilities
CDM Capabilities: Asset Management
MAY 28, 2021
| PUBLICATION
Discover the CDM program's Asset Management capability.
CDM Capabilities: Identity and Access Management
MAY 28, 2021
| PUBLICATION
Learn more about the CDM program's Identity and Access Management capability.
CDM Capabilities: Network Security Management
MAY 28, 2021
| PUBLICATION
To learn more about the CDM program's Network Security Management capability.
CDM Capabilities: Data Protection Management
MAY 28, 2021
| PUBLICATION
To learn more about the CDM program's Data Protection Management capability.
Agency and Federal Dashboards, AWARE, Shared Services Platform
CDM Agency and Federal Dashboards
PUBLICATION
The CDM Agency Dashboards receive and display information from CDM tools and then push summarized information for display.
Agency-Wide Adaptive Risk Enumeration (AWARE)
OTHER
AWARE provides participating agencies with situational awareness of cyber risk and enables timely remediation of threats and vulnerabilities.
CDM Program Shared Services Platform
DEC 17, 2020
| PUBLICATION
The CDM Shared Services Platform provides non-CFO Act agencies with access to CDM capabilities.
CDM Mobile and Cloud Resources
CDM: Mobile
Learn more about the CDM program's focus on securing mobile assets across the Federal Enterprise.
CDM: Cloud
The CDM Program continues to evolve to equip agencies with monitoring tools and capabilities to understand the cloud environment.
CDM Acquisition Approach and Program Training
Resources
CDM Program Overview Fact Sheet
DEC 17, 2020
| PUBLICATION
This document provides an overview of the CDM program.
Encrypted DNS Implementation Guidance
MAY 16, 2024
|
This document provides Federal Civilian Executive Branch (FCEB) agencies with actionable guidance for the implementation of encrypted DNS protocols and for enhancing the cybersecurity posture of their IT networks.
CDM Data Model Document 4.1.1
APR 01, 2024
| PUBLICATION
This document provides a comprehensive description of a common data schema to ensure that prescribed diagnostic activities within CDM solutions are consistent across all participating federal agencies.
CDM ICAM Reference Architecture
PUBLICATION
This document refines and clarifies the CDM Program’s Identity and Access Management (IDAM) scope by providing a reference for how CDM IDAM capabilities may integrate into an agency’s ICAM architecture.
Contact
For other CDM Program questions, email CDM@cisa.dhs.gov.
Tags
Topics:
Cybersecurity Best Practices