CISA has released several documents as part of the Secure Cloud Business Applications (SCuBA) project:
The Technical Reference Architecture (TRA) document, previously released for public comment on April 19, 2022, is the final version of a security guide that agencies can use to adopt technology for cloud deployment, adaptable solutions, secure architecture, and zero trust frameworks.
The extensible Visibility Reference Framework (eVRF) guidebook provides an overview of the eVRF framework, which enables organizations to identify visibility data that can be used to mitigate threats, understand the extent to which specific products and services provide that visibility data, and identify potential visibility gaps. The guidebook is accompanied by two workbooks: eVRF Google Workspace and eVRF Microsoft 365 and two spreadsheets: eVRF Google Workspace and eVRF Microsoft 365 that detail Google Workspace and Microsoft 365 security controls.
Visit CISA’s SCuBA project page for more information and to review the guidance documents. Please contact CISA’s Cybersecurity Shared Services Office at CyberSharedServices@cisa.dhs.gov.
CISA released three Industrial Control Systems (ICS) advisories on August 21, 2025. These advisories provide…
CISA released four Industrial Control Systems (ICS) advisories on August 19, 2025. These advisories provide…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released thirty-two Industrial Control Systems (ICS) advisories on August 14, 2025. These advisories provide…
This website uses cookies.