The Continuous Diagnostics and Mitigation (CDM) Tools support the Department of Homeland Security (DHS) CDM Program. The hardware and software products and associated services under this SIN undergo a DHS product qualification process in order to be added to the CDM Approved Products List (APL). The full complement of CDM subcategories includes tools, associated maintenance, and other related activities such as training. The SIN is organized by CDM capabilities into 5 subcategories. As shown below, the 5 CDM Tools SIN subcategories cover the 15 CDM Tool Functional Areas (TFAs) and allow for future innovation.

Manage “What is on the network?”: Identifies the existence of hardware, software, configuration characteristics and known security vulnerabilities.

  • TFA 1 – Hardware Asset Management
  • TFA 2 – Software Asset Management
  • TFA 3 – Configuration Settings Management
  • TFA 4 – Vulnerability Management

Manage “Who is on the network?”: Identifies and determines the users or systems with access authorization, authenticated permissions and granted resource rights.

  • TFA 6 – Manage Trust in People Granted Access
  • TFA 7 – Manage Security-Related Behavior
  • TFA 8 – Manage Credential and Authentication
  • TFA 9 – Manage Account/Access/Manage Privileges

Manage “How is the network protected?”: Determines the user/system actions and behavior at the network boundaries and within the computing infrastructure.

  • TFA 5 – Manage Network Access Controls

Manage “What is happening on the network?”: Prepares for events/incidents, gathers data from appropriate sources; and identifies incidents through analysis of data.

Due to the complexity to manage “What is happening on the network?”, this area is covered by three focus areas:

“What is happening on the network for Manage Events (MNGEVT)?”

  • TFA 10 – Prepare for Contingencies and Incidents
  • TFA 11 – Respond to Contingencies and Incidents

“What is happening on the network for Design and Build in Security (DBS)?”

  • TFA 12 – Design and Build in Requirements Policy and Planning
  • TFA 13 – Design and Build in Quality

“What is happening on the network for Operate, Monitor and Improve (OMI)?”

  • TFA 14 – Manage Audit Information
  • TFA 15 – Manage Operation Security

Emerging Tools and Technology: Includes CDM cybersecurity tools and technology not in any other subcategory.

  • Future innovations

View the full 132-44 CDM Tools SIN Description [PDF - 79 KB] for more details

print Share Icon Last Reviewed 2017-12-11