Publications

Information security references

Strategies to Mitigate Cyber Security Incidents

  • Mitigation strategies
  • Essential eight explained
  • Essential eight maturity model
  • Implementation guides
  • Mandatory Top 4 requirement explained

Australian Government Information Security Manual

  • Executive Companion
  • Principles
  • Controls UPDATED 23 November 2017

Evaluated Products List and emanation security

Cloud computing and BYOD

Search ASD website

Title Audience / type Published
Antivirus Software using Reputation Rating Checking NEW Everyone 14/08/2017
Assessing Security Vulnerabilities and Applying Patches Everyone 15/04/2016
Catch, Patch, Match educational video Everyone 15/01/2014
CyberSense educational video Everyone 13/05/2010
Cyber Security for Contractors Everyone 24/03/2017
Detecting Socially-Engineered Emails Everyone 06/02/2017
Implementing Application Whitelisting Everyone 15/04/2016
Know and Minimise Your Vulnerabilities Before They Are Used Against You Everyone 20/12/2012
Passphrase Requirements NEW Everyone 02/11/2017
Questions to ask Managed Service Providers Everyone 24/03/2017
Restricting Administrative Privileges Everyone 15/03/2016
Top Security Tips for Personal Device Use Everyone 24/03/2017
Bring Your Own Device (BYOD) Considerations for Executives Senior managers 15/02/2014
Essential Eight Explained Senior managers 06/02/2017
Essential Eight Maturity Model UPDATED Senior managers 27/10/2017
Questions Senior Management Need to be Asking about Cyber Security Senior managers 20/08/2012
Top 4 Mitigation Strategies Senior managers 15/10/2012
Wireless Network Security Senior managers 30/01/2012
Cost of Compromise Government agencies 18/06/2014
Cyber Security Incidents: Are You Ready? Government agencies 20/03/2014
Cyber Security Picture 2013 Government agencies 23/06/2014
High Profile and International Events Cyber Security Advice Government agencies 12/11/2015
Implications of Using Webmail for Government Business Government agencies 06/02/2017
Personal Computing and the Implications for Agency Networks Government agencies 20/08/2012
Preparing for and Responding to Cyber Security Incidents Government agencies 13/09/2012
Preparing for and Responding to Denial of Service Activities Government agencies 24/10/2014
Security Tips for the Use of Social Media Websites Government agencies 06/02/2017
Travelling Overseas with an Electronic Device Government agencies 06/02/2017
BlackBerry Hardening Guide (PDF) Hardening guide 28/07/2011
Hardening Microsoft Office 2013 UPDATED Hardening guide 11/12/2017
Hardening Microsoft Office 2016 UPDATED Hardening guide 11/12/2017
Hardening Microsoft Windows 7 SP1 Workstations Hardening guide 01/06/2017
Hardening Microsoft Windows 8.1 Update Workstations Hardening guide 01/06/2017
Hardening Microsoft Windows 10 Workstations Hardening guide 01/06/2017
HGSDV Hardening Guide (PDF) Hardening guide 06/03/2009
Apple iOS Hardening Configuration Guide for iPod Touch, iPhones and iPads running iOS version 9 or higher Hardening guide 01/09/2016
Additional Security Considerations and Controls for Virtual Private Networks (VPNs) Technical advice 12/04/2013
An Examination of the Redaction Functionality in Adobe Acrobat Pro (PDF) Technical advice 12/11/2011
Data Spill Management Guide Technical advice 20/08/2012
Data Spill Sanitisation Guide Technical advice 20/08/2012
DNS Security Technical advice 20/08/2012
Drive-by Downloads Technical advice 20/12/2012
Email Filtering and Mitigating Circumvention Techniques (PDF) Technical advice 15/05/2004
End of Support for Microsoft Windows Server 2003 Technical advice 28/02/2015
End of Support for Microsoft Windows Vista and Office 2007 Technical advice 04/11/2016
End of Support for Microsoft Windows XP and Office 2003 Technical advice 16/07/2014
Malicious Email Mitigation Strategies Technical advice 01/08/2016
Microsoft Office Macro Security Technical advice 15/12/2016
Minimising the Threat from Java-based Intrusions Technical advice 24/06/2014
Mitigating Spoofed Emails – Sender Policy Framework (SPF) Explained Technical advice 20/12/2012
Mitigating the Use of Stolen Credentials to Access Agency Information Technical advice 20/08/2012
Multi-factor Authentication UPDATED Technical advice 22/09/2017
Network Segmentation and Segregation Technical advice 04/09/2012
Perfect Forward Secrecy Technical advice 10/02/2015
Protecting Web Applications and Users – Technical guidance for improving web application security through implementing web browser-based mitigations Technical advice 28/02/2012
Secure Administration Technical advice 29/09/2015
Securing Content Management Systems (CMS) Technical advice 29/07/2015
Securing PowerShell in the Enterprise Technical advice 15/03/2016
Technical Guidance for Windows Event Logging Technical advice 31/07/2017
Top 4 in a Linux Environment Technical advice 15/04/2016
Travelling Overseas with an Electronic Device – Technical Advice Technical advice 20/12/2012
Using Remote Desktop Clients Technical advice 14/12/2011
Wireless Network Security – Technical Advice Technical advice 30/01/2012
ASD Advice on Apple Release of iOS 7 Broadcast 16/10/2013
Changes to DSD’s Policy on Cryptographic Hash Function SHA-1 Broadcast 14/12/2011
Cyber Security Incident Reporting Broadcast 01/05/2014
DSD Advice on Patching Evaluated Products Broadcast 20/12/2012
DSD Advice regarding Release of Adobe Reader XI Broadcast 12/11/2012
DSD Approval for the Use of Suite B Cryptography for CONFIDENTIAL and above Broadcast 10/01/2013
Evaluation Pathway for Mobile Devices Broadcast 10/04/2014
Upcoming End of Support for Microsoft Windows XP SP3 and Microsoft Office 2003 Broadcast 15/10/2012
WPA2 Now a DSD-Approved Cryptographic Protocol Broadcast 16/06/2012
Rules to Protect the Privacy of Australians Rules 02/10/2012