Hello, Guest.!

CISA Issues Directive on Using Cybersecurity Tools to Detect Microsoft Exchange Server Risks

1 min read
CISA Cybersecurity Tools
CISA Cybersecurity Tools

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental direction to help agencies use new tools for identifying vulnerabilities in their Microsoft Exchange Servers.

CISA said Wednesday that the emergency directive recommends agencies to use the Microsoft Safety Scanner or Microsoft Support Emergency Response Tool (MSERT) as well as the Test-ProxyLogon.ps1 script.

The tools are meant to support server hardening and forensic triage operations for the Microsoft-built servers that still handle network operations for federal agencies.

“Given the powerful privileges that Exchange manages by default and the amount of potentially sensitive information that is stored in Exchange servers operated and hosted by (or on behalf of) federal agencies, Exchange servers are a primary target for adversary activity,” CISA noted in the directive.

Best practices that CISA outlined include firewall protections, software updates, anti-malware protection and Continuous Diagnostics and Mitigation program validation.

Defense Cybersecurity Forum

Check out GovConWire's Defense Cybersecurity Forum coming up on May 12. Visit GovConWire Events to learn more.