Publications

Information security references

2016 Australian Government Information Security Manual

  • Executive Companion
  • Principles
  • Controls

Strategies to Mitigate Cyber Security Incidents

  • Mitigation strategies
  • Essential eight explained
  • Implementation guides
  • Mandatory Top 4 requirement explained

Evaluated Products List and emanation security

Cloud computing and BYOD

Search ASD website

Title Audience / type Published
ASD Cyber Security Bulletin, December 2015 (PDF) Bulletin 2015.12.08
ASD Cyber Security Bulletin, May 2015 (PDF) Bulletin 2015.05.30
ASD Cyber Security Bulletin, June 2014 (PDF) Bulletin 2014.06.25
ASD Cyber Security Bulletin, December 2013 (PDF) Bulletin 2013.12.12
ASD Cyber Security Bulletin, August 2013 (PDF) Bulletin 2013.08.28
Assessing Security Vulnerabilities and Applying Patches Everyone 2016.04.15
Catch, Patch, Match educational video Everyone 2014.01.15
CyberSense educational video Everyone 2010.05.13
Cyber Security for Contractors Everyone 2017.03.24
Detecting Socially-Engineered Emails Everyone 2017.02.06
Implementing Application Whitelisting Everyone 2016.04.15
Know and Minimise Your Vulnerabilities Before They Are Used Against You Everyone 2012.12.20
Questions to ask Managed Service Providers Everyone 2017.03.24
Restricting Administrative Privileges Everyone 2016.03.15
Top Security Tips for Personal Device Use Everyone 2017.03.24
Bring Your Own Device (BYOD) Considerations for Executives Senior managers 2014.02.15
Essential Eight Explained Senior managers 2017.02.06
Questions Senior Management Need to be Asking about Cyber Security Senior managers 2012.08.20
Top 4 Mitigation Strategies Senior managers 2012.10.15
Wireless Network Security Senior managers 2012.01.30
Cost of Compromise Government agencies 2014.06.18
Cyber Security Incidents: Are You Ready? Government agencies 2014.03.20
Cyber Security Picture 2013 Government agencies 2014.06.23
High Profile and International Events Cyber Security Advice Government agencies 2015.11.12
Implications of Using Webmail for Government Business Government agencies 2017.02.06
Personal Computing and the Implications for Agency Networks Government agencies 2012.08.20
Preparing for and Responding to Cyber Security Incidents Government agencies 2012.09.13
Preparing for and Responding to Denial of Service Activities Government agencies 2014.10.24
Security Tips for the Use of Social Media Websites Government agencies 2017.02.06
Travelling Overseas with an Electronic Device Government agencies 2017.02.06
BlackBerry Hardening Guide (PDF) Hardening guide 2011.07.28
Hardening Microsoft Office 2013 Hardening guide 2016.12.15
Hardening Microsoft Office 2016 Hardening guide 2016.12.15
Hardening Microsoft Windows 7 SP1 Workstations UPDATED Hardening guide 2017.05.24
Hardening Microsoft Windows 8.1 Update Workstations UPDATED Hardening guide 2017.05.24
Hardening Microsoft Windows 10 Workstations NEW Hardening guide 2017.05.24
HGSDV Hardening Guide (PDF) Hardening guide 2009.03.06
Apple iOS Hardening Configuration Guide for iPod Touch, iPhones and iPads running iOS version 9 or higher Hardening guide 2016.09.01
Additional Security Considerations and Controls for Virtual Private Networks (VPNs) Technical advice 2013.04.12
An Examination of the Redaction Functionality in Adobe Acrobat Pro (PDF) Technical advice 2011.11.12
Data Spill Management Guide Technical advice 2012.08.20
Data Spill Sanitisation Guide Technical advice 2012.08.20
DNS Security Technical advice 2012.08.20
Drive-by Downloads Technical advice 2012.12.20
Email Filtering and Mitigating Circumvention Techniques (PDF) Technical advice 2004.05.15
End of Support for Microsoft Windows Server 2003 Technical advice 2015.02.28
End of Support for Microsoft Windows Vista and Office 2007 Technical advice 2016.11.04
End of Support for Microsoft Windows XP and Office 2003 Technical advice 2014.07.16
Malicious Email Mitigation Strategies Technical advice 2016.08.01
Microsoft Office Macro Security Technical advice 2016.12.15
Minimising the Threat from Java-based Intrusions Technical advice 2014.06.24
Mitigating Spoofed Emails – Sender Policy Framework (SPF) Explained Technical advice 2012.12.20
Mitigating the Use of Stolen Credentials to Access Agency Information Technical advice 2012.08.20
Multi-factor Authentication Technical advice 2017.02.06
Network Segmentation and Segregation Technical advice 2012.09.04
Perfect Forward Secrecy Technical advice 2015.02.10
Protecting Web Applications and Users – Technical guidance for improving web application security through implementing web browser-based mitigations Technical advice 2012.02.28
Secure Administration Technical advice 2015.09.29
Securing Content Management Systems (CMS) Technical advice 2015.07.29
Securing PowerShell in the Enterprise Technical advice 2016.03.15
Top 4 in a Linux Environment Technical advice 2016.04.15
Travelling Overseas with an Electronic Device – Technical Advice Technical advice 2012.12.20
Using Remote Desktop Clients Technical advice 2011.12.14
Wireless Network Security – Technical Advice Technical advice 2012.01.30
ASD Advice on Apple Release of iOS 7 Broadcast 2013.10.16
Changes to DSD’s Policy on Cryptographic Hash Function SHA-1 Broadcast 2011.12.14
Cyber Security Incident Reporting Broadcast 2014.05.01
DSD Advice on Patching Evaluated Products Broadcast 2012.12.20
DSD Advice regarding Release of Adobe Reader XI Broadcast 2012.11.12
DSD Approval for the Use of Suite B Cryptography for CONFIDENTIAL and above Broadcast 2013.01.10
Evaluation Pathway for Mobile Devices Broadcast 2014.04.10
Upcoming End of Support for Microsoft Windows XP SP3 and Microsoft Office 2003 Broadcast 2012.10.15
WPA2 Now a DSD-Approved Cryptographic Protocol Broadcast 2012.06.15
Rules to Protect the Privacy of Australians Rules 2012.10.02