CISA Free Services and Tools Intake Form

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

CISA Free Services and Tools
Intake Form
PRA Burden Statement: The public reporting burden to complete this information collection is
estimated at 3 minutes per response, including the time completing and reviewing the collected
information. The collection of this information is voluntary. An agency may not conduct or
sponsor, and a person is not required to respond to a collection of information unless it displays
a currently valid OMB control number and expiration date. Send comments regarding this
burden estimate or any other aspect of this collection of information, including suggestions for
reducing this burden to DHS/CISA. Mail Stop 0608, 245 Murray Lane SW, Arlington, VA 20598.
ATTN: PRA [1670-0027]
OMB Control Number: 1670-0027
OMB Expiration Date: 5/31/2024
The Cybersecurity and Infrastructure Security Agency (CISA) is collecting a list of free
cybersecurity services and tools that can enhance the cyber resilience of vulnerable and underresourced critical infrastructure sectors. CISA is asking organizations to submit eligible free
resources that will be considered for inclusion in this repository: https://www.cisa.gov/freecybersecurity-services-and-tools.
CISA does not endorse any commercial product or service, including those that will be included
in this list. CISA selects products and services for inclusion in the list at its sole and unreviewable
discretion.
If you are aware of a free open source or proprietary cybersecurity tool or service that meets the
below Criteria and Requirements, please submit a request for determination by completing this
form. Submissions will be considered in the order they are received, and updates to the catalog
occur triweekly. 
*For
Required
any related questions, adjudication status or any modification request to original submission,
please email us at [email protected].     

Criteria and Requirements
https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

1/7

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

1

The vendor is based in the United States or has otherwise been vetted by CISA
for supply chain risks. *

Yes
No

Other

2

The vendor has deep expertise in cybersecurity or possesses a unique capability
to assist vulnerable and under-resourced entities in one or more sectors of U.S.
critical infrastructure. *

Yes
No

Other

https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

2/7

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

3

The vendor may be able to provide free cybersecurity tools, services, or
infrastructure in support of vulnerable and under-resourced owners and
operators of State, Local, Tribal, and Territorial (SLTT) infrastructure and critical
infrastructure operators. *

Yes
No

Other

4

The free cybersecurity tool, service, or infrastructure that the vendor may be
able to provide: *

(a) is not time limited or a trial version of a paid product
(b) does not automatically enroll users into any paid arrangements
(c) is generally available to any entity or user with an Internet connection.

Other

https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

3/7

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

5

Is the tool open-source software, Enterprise open source, or proprietary? *

Open source software
Proprietary
Enterprise open source

Other

https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

4/7

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

Tool, Service, or Resource Information

6

Name of Service or Tool *

7

Suggested Skill Level Required *

Basic:  Fundamental computer literacy ((i.e., install software) and minimal understanding of
IT terminology and the tool’s use.
Intermediate: Capable of interpreting and understanding the tool’s outputs (i.e., SIEM
results, vulnerability reports etc.).
Advance: A subject matter expert and capable of interpreting and implementing various
aspects of the tool.

https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

5/7

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

8

Owner of the Tool/Maintainer  *

9

Description of the tool (2-3 Sentences) *

10

Web Link *

https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

6/7

7/28/23, 12:25 PM

CISA Free Services and Tools Intake Form

11

What category does the tool, service, or resource fall under? *

Reducing the Likelihood of a Damaging Cyber Incident
Take Steps to Quickly Detect a Potential Intrusion
Ensure that the Organization is Prepared to Respond if an Intrusion Occurs
Maximize the Organization's Resilience to a Destructive Cyber Incident

12

Any other information about your product that would be helpful for CISA to
know as it evaluates your product's applicability to the Free Cybersecurity
Services and Tools List?

13

How likely are you to recommend CISA Free Services and Tools to a partner?

This content is neither created nor endorsed by Microsoft. The data you submit will be sent to the form owner.
Microsoft Forms

https://forms.office.com/pages/designpagev2.aspx?lang=en-US&origin=OfficeDotCom&route=Start&sessionid=bf40eb15-5093-4a85-b452-4ae569156…

7/7