• Cyber Awareness Challenge 2025

    The purpose of the Cyber Awareness Challenge is to influence behavior, focusing on actions that authorized users can engage to mitigate threats and vulnerabilities to DoD Information Systems.

    Challenge 2025 Available Here
  • Explore New DoD Cyber and Information Technology Exchange Program Opportunities

    CITEP This program provides a unique opportunity for GS-11 (or equivalent) and above DoD civilian and private industry employees to participate in temporary details across sectors to hone their cyber and IT skills.

    Learn More
  • The 2023-2027 DoD Cyber Workforce Strategy Implementation Plan is Published!

    This Implementation Plan is strategically designed to be agile, flexible, and responsive, empowering the Department to effectively adapt and fulfill mission requirements within an ever-changing cyber domain.

    LEARN MORE
  • DoD Chief Information Officer Releases 2023-2027 Cyber Workforce Strategy

    This strategy takes a proactive approach in setting unifying direction and guidance for the Department to foster a cyber workforce capable of adapting to the evolving needs, threats, and challenges of the cyber domain. It identifies the need for a cultural shift to reform the management of the Department’s most valuable asset: its people.

    Learn More
  • DoD 8140 Manual "Cyberspace Workforce & Qualification Management Program"

    Publication of the long-awaited DoDM 8140.03 is here!
    The Manual completes the DoD 8140 policy series, which provides a targeted role-based approach to identify, develop, and qualify cyber workforce personnel by leveraging the DoD Cyber Workforce Framework.

    View 8140 Manual

Announcements

GPO Update

Group Policy Objects (GPOs) have been updated for October 2024. Refer to the Change Log document included in the zip file…

STIG Update

Note: All STIGs converted to NIST SP 800-53 Rev. 5 CCIs for Q3 (July 2024) were updated to include the deprecated Rev. 4…

Featured

External Certification Authority Program (ECA)

The ECA program supports the issuance of DoD-approved certificates to industry partners and other external entities and organizations. The ECA program is designed to provide the mechanism for these entities to securely communicate with the

DISA Approved Product List

The purpose of Department of Defense Information Network Approved Products List (DODIN APL) is to maintain a single consolidated list of products that have completed Interoperability (IO) and Cybersecurity certification. Use of the DODIN

/by Ciaran Salas

Get DoD Certs

These zip files contain all the Certification Authority (CA) certificates for the specified PKI in different formats.

/by Ciaran Salas

About the DoD Cyber Exchange

The DoD Cyber Exchange provides one-stop access to cyber information, policy, guidance and training for cyber professionals throughout the DoD, and the general public. These resources are provided to enable the user to comply with rules, regulations, best practices and federal laws. DISA is mandated to support and sustain the DoD Cyber Exchange (formerly the Information Assurance Support Environment (IASE)) as directed by DoDI 8500.01 and DODD 8140.01.

Public

The DoD Cyber Exchange Public provides limited access to publicly releasable cyber training and guidance to all Internet users.

NIPR

The DoD Cyber Exchange NIPR provides exclusive access to cyber training and guidance to users with DoD Public Key Infrastructure (PKI) credentials (or equivalent).

SIPR

The DoD Cyber Exchange SIPR provides access to cyber training and guidance to users with a SIPRNet token.

Training Catalog

Explore our catalog of cyber security training developed by Cyber Security experts: enroll in classroom courses and take training online.

U.S. Government Notice and Consent

You are accessing a U.S. Government (USG) Information System (IS) that is provided for USG-authorized use only.

By using this IS (which includes any device attached to this IS), you consent to the following conditions:

· The USG routinely intercepts and monitors communications on this IS for purposes including, but not limited to, penetration testing, COMSEC monitoring, network operations and defense, personnel misconduct (PM), law enforcement (LE), and counterintelligence (CI) investigations.

· At any time, the USG may inspect and seize data stored on this IS.

· Communications using, or data stored on, this IS are not private, are subject to routine monitoring, interception, and search, and may be disclosed or used for any USG authorized purpose.

· This IS includes security measures (e.g., authentication and access controls) to protect USG interests – not for your personal benefit or privacy.

Notwithstanding the above, using this IS does not constitute consent to PM, LE or CI investigative searching or monitoring of the content of privileged communications, or work product, related to personal representation or services by attorneys, psychotherapists, or clergy, and their assistants. Such communications and work product are private and confidential. See User Agreement for details.