Latest publications

27 May 2025
Implementing SIEM and SOAR platforms: Executive guidance
This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR.

27 May 2025
Implementing SIEM and SOAR platforms: Practitioner guidance
This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

27 May 2025
Priority logs for SIEM ingestion: Practitioner guidance
This document is again intended for cybersecurity practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.

All publications

04 Feb 2025
Mitigation strategies for edge devices: Practitioner guidance
This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

30 Jan 2025
Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era
This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.

22 Jan 2025
Detecting and mitigating Active Directory compromises
This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.

22 Jan 2025
"Bulletproof" hosting providers
Bulletproof hosting (BPH) providers lease cybercriminals a virtual and/or physical infrastructure from which to operate. BPH providers are a specific class of internet infrastructure service that enables malicious actors (including cybercriminals) to host illicit content and run operations on the internet.

14 Jan 2025
Secure by Demand
This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.

12 Dec 2024
Cybersecurity incident response planning: Executive guidance
The Australian Signals Directorate (ASD) is responsible for monitoring and responding to cyberthreats targeting Australian interests. Reporting cybersecurity incidents to ASD ensures that timely assistance can be provided, if required. This may be in the form of investigations or remediation advice.