The cyber civil defence services provided by the Shadowserver Foundation are the most overlooked and critical tool for securing your network.
If you are a cybersecurity professional and NOT signed up to Shadowserver, you are missing details that will protect your network from the next attack.
If you want a quick introduction to Shadowserver, check out this video on YouTube: Who is “Shadowserver? (https://youtu.be/NUw-fQEffng?si=15qU0ps4iWRBVOMb).
How do you get connected with Shadowserver?
Step 1 – Sign up for the Public Mailing List.
Two to three Alert Updates are sent weekly via Shadowserver’s public mailing list and social media. These are critical updates to risks that could be inside your network. Signing up to the public mailing list with social media (Step 2) gives you a heads-up to check the free data from Shadowserver.
Shadowserver is DIFFERENT from other commercial threat reporting. Shadowserver works in multiple TLP: RED threat research communities, International Law Enforcement, The Shadowserver Alliance, and many other security trust groups. They are often the first to give you a heads-up about what is happening, allowing you time to react quickly and lock down your organization from risk.
- Sign up for the public@shadowserver.org mailing list here: https://mail.shadowserver.org/mailman/listinfo/public
- Contact Shadowserver with questions on how to sign up here: https://www.shadowserver.org/contact/
Step 2 – Follow Shadowserver on all the Social Media Forums
Shadowserver posts all the updates via email and social media. To can follow Shadowserver’s social media. Here is an example from the latest Fortinet FortiClient EMS CVE-2023-48788:
- QTritter: https://twitter.com/Shadowserver/status/1771963616092193085
- Mastodon: https://infosec.exchange/@shadowserver/112152028608442632
- BlueSky: https://bsky.app/profile/shadowserver.bsky.social/post/3kohkj4vmxe2r
- Linkedin: https://www.linkedin.com/feed/update/urn:li:activity:7177730593416175616
Step 3 – Sign up to Shadowservers Free Cyber Civil Defence Reporting
Yes! The most comprehensive “attack surface” reporting on your network is available at NO COST!
Go to https://www.shadowserver.org/what-we-do/network-reporting/get-reports/ and sign up to start the process.
You will be asked for details about yourself, your network, and how Shadowserver can validate your authorization with the IP addresses, ASNs, and domains.
How is this unique and critical cyber security data “Free?”
Shadowserver’s infrastructure, staff, and public benefit work are funded by organizations that depend on a safe and reliable Internet. Cybercrime threatens their businesses. Shadowserver Alliance supporters know that “cyber walls” will not protect them. The best way to defend against a threat from other parts of the world is by going to the source, mitigating the risk, increasing the cybersecurity skills in that location, and collaborating globally. Cyber Civil Defence protects users all over the world. One country targeted with malware quickly becomes a global problem.
Don’t depend on a cyber-defense wall. If your business depends on the Internet, consider funding Shadowserver’s mission through the Shadowserver Alliance.
Are you looking for low-cost & effective cyber security & resiliency?
Do your homework before spending $$$ on vendor solutions that try to match many of the public benefit cybersecurity tools. Reach out to a community with decades of experience who seek to help organizations minimize their cybersecurity risk through essentials that leverage public benefit services. Cyber Civil Defence tools like Shadowserver.org provide organizations with quality that cannot be matched through commercial alternatives.
- Subscribe to the Senki Community Mailing List. Stay connected to Surfing Cybersecurity practical advice and critical “do this now” operation security recommendations by email.
- Subscribe to Senki’s YOUTUBE Channel for videos on this and other security topics.
- Ask questions to Barry Greene – bgreene@senki.org
The materials and guides posted on www.senki.org here are designed to help organizations leverage the talent around them to get started with their security activities. Start with the Operator’s Security Toolkit and Meaningful Security Conversations with your Vendors. Each is no-nonsense security for all Operators. It provides details to help them build more security-resilient networks. In the meantime, stay connected to the Senki Community to get updates on new empowerment and security insights.