Official website of the Department of Homeland Security
TLP:WHITE

CDM Resources

The Continuous Diagnostics and Mitigation (CDM) program is a dynamic approach to fortifying the cybersecurity of government networks and systems.  CDM provides federal departments and agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurity personnel to mitigate the most significant problems first.  Congress established the CDM program to provide adequate, risk-based, and cost-effective cybersecurity and more efficiently allocate cybersecurity resources.

The CDM Program enhances government network security through automated control testing and progress tracking. This approach: 

  • Provides services to implement sensors and dashboards;
  • Delivers near-real-time results;
  • Prioritizes the worst problems within minutes, versus quarterly or annually;
  • Enables defenders to identify and mitigate flaws at network speed; and
  • Lowers operational risk and exploitation of government IT systems and networks.

DHS, in partnership with the General Services Administration, established a government-wide acquisition vehicle for continuous diagnostics and mitigation. The CDM blanket purchase agreement (BPA) is available to Federal, State, local, and tribal government entities. BPA participants achieve cost savings through tiered-price and task order discounts, enabling scarce resources to be used more efficiently and spread further. This strategy results in an enterprise approach to continuous diagnostics, including consistent application of best practices.

The following CDM resources provide background and overview information for the CDM program.
 

Overview Documents

  • CDM Program Overview [pdf]

Phase 1: Manage Assets

Hardware Asset Management

  • HWAM Capability Data Sheet [pdf]
  • HWAM Capability Description [pdf]
  • Description of Actual State Sensor Types for the HWAM Capability [pdf]
  • HWAM Capability Defect False Positive Guide [pdf]
  • HWAM Initialization Guide [pdf]
  • Intro to HWAM [pdf]

Software Asset Management

  • SWAM Capability Data Sheet [pdf]
  • SWAM Capability Description [pdf]
  • Description of Actual State Sensor Types for the SWAM Capability [pdf]
  • SWAM Capability Defect False Positive Guide [pdf]
  • SWAM Illustrative Process [pdf]
  • Intro to SWAM [pdf]
  • Application Whitelisting Readiness Questionnaire [pdf]
  • Application Whitelisting Strategic Planning Guide [pdf]

Configuration Settings Management

  • CSM Capability Data Sheet [pdf]
  • CSM Capability Description [pdf]
  • Description of Actual State Sensor Types for the CSM Capability [pdf]
  • CSM Capability Defect False Positive Guide [pdf]
  • Intro to CSM [pdf]

Vulnerability Management

  • VULN Capability Data Sheet [pdf]
  • VULN Capability Description [pdf]
  • Description of Actual State Sensor Types for the VULN Capability [pdf]
  • VULN Capability Defect False Positive Guide [pdf]
  • Intro to VULN [pdf]

Phase 2: Manage Accounts for People and Services 

TRUST: Manage Trust in People Granted Access

Coming soon

BEHAVE: Manage Security Related Behavior

Coming soon

CRED: Manage Credentials and Authentication

Coming soon

PRIV: Manage Privileges

Coming soon

Phase 3: Manage Events 

Boundary Protection

Coming soon

Prepare for Incidents and Contingencies

Coming soon

Detect Suspicious Events/Patterns

Coming soon

Respond to Incidents and Contingencies

Coming soon

Other Useful Resources 

  • Description of Generic Sensor Types for the CDM Collection System [pdf]
  • CDM Defect False Positive Triage Guide [pdf]
  • IT Security Continuous Monitoring Shared Services Security Concept of Operations (SECONOPS) [pdf]

 

For more CDM Training resources, please enroll in the CDM community on FedVTE and STEPfwd.  
