Search

Gateway security guidance package: Gateway security principles   Publication

Jul 29, 2025 - Guidance written for audiences responsible for the procurement, operation and management of gateways.

New guidance to strengthen Microsoft Exchange Server security   News

Oct 31, 2025 - ASD’s ACSC and international partners have co-authored guidance on best practices for Microsoft Exchange Server to help organisations mitigate risks and prevent malicious activity.

Enhanced visibility and hardening guidance for communications infrastructure   Advisory

Dec 4, 2024 - This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network devices against successful exploitation carried out by PRC-affiliated and other malicious cyber actors.

New guidance to help fortify Australia’s critical infrastructure   News

Oct 13, 2025 - Australian CI is, and will continue to be, an attractive target for state-sponsored cyber actors. Read the CI Fortify publication to learn two actions CI operators can take to strengthen their resilience in preparation for instances of crisis or service disruption.

Mitigation strategies for edge devices: Practitioner guidance   Publication

Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

New guidance on integrating a Software Bill of Materials (SBOM)   News

Sep 4, 2025 - Get valuable guidance to inform organisations who procure, produce or operate software about the advantages of integrating a Software Bill of Materials (SBOM) into your security processes.

COVID-19 Malicious Scams - Threat Awareness and Guidance   Advisory

Mar 27, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.

New guidance for engaging with artificial intelligence   News

Jan 24, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has released a new publication, Engaging with Artificial Intelligence (AI).

Gateway security guidance package: Overview   Publication

Jul 29, 2025 - This page provides an overview of ASD’s Gateway security guidance package.

IoT Secure by Design guidance for manufacturers   Publication

Sep 21, 2023 - This guidance has been produced for manufacturers in order to help them implement thirteen Secure by Design principles.

Gateway security guidance package   Guidance

Jul 29, 2025 - This page lists publications on the hardening of gateway services.

Mitigation strategies for edge devices: Executive guidance   Publication

Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.

Managing the risks of legacy IT: Practitioner guidance   Publication

Jun 12, 2024 - This publication provides guidance for practitioners on managing the risks posed by legacy IT and outlines low-cost mitigations that organisations can draw upon.

Cloud shared responsibility model: Executive guidance   Publication

Oct 20, 2025 - This publication is for executives with cyber security responsibilities in government entities, critical infrastructure and large organisations that use or plan to use a cloud service. This guidance aims to strengthen your understanding of the shared responsibility model (SRM), and potential impacts to your cyber security posture and your governance obligations.

New guidance for mitigating risks from bulletproof hosting providers   News

Nov 20, 2025 - Get recommendations for ISPs and network defenders to counter cybercriminal activity enabled by bulletproof hosting providers without disrupting legitimate services.

New guidance for organisations to strengthen their network infrastructure   News

Oct 15, 2025 - This guidance supports executive and technical staff of medium-to-large organisations and government entities to strengthen their organisation’s network infrastructure.

Implementing SIEM and SOAR platforms: Practitioner guidance   Publication

May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

New guidance for critical infrastructure on integrating AI securely into operational technology (OT) environments   News

Dec 4, 2025 - We have released guidance for critical infrastructure owners and operators for integrating AI into operational technology (OT) environments.

Guidance on digital forensics and protective monitoring specifications for producers of network devices and appliances   Publication

Feb 5, 2025 - This guidance has been developed with contributions from partnering agencies and is included in a series of publications aiming to draw attention to the importance of edge device cyber security measures.

Priority logs for SIEM ingestion: Practitioner guidance   Publication

May 27, 2025 - This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.