Official website of the Department of Homeland Security

Continuous Diagnostics and Mitigation (CDM)

About the CDM Program

Whether to receive important health or emergency information or to check on the provision of essential government services, millions of Americans visit government websites every day. While increased connectivity has transformed and improved access to government, it also has increased the importance and complexity of our shared risk. Cyber attacks on Federal government networks are growing in number and becoming more sophisticated, aggressive, and dynamic. Government computer networks and systems contain information on national security, law enforcement, and other sensitive data, including information about federal employees and others. It is paramount that the government protects this information from theft and protects networks and systems from attacks while continually providing essential services to the public and protecting individual privacy, civil rights, and civil liberties.

The Continuous Diagnostics and Mitigation (CDM) program is a dynamic approach to fortifying the cybersecurity of computer networks and systems. The CDM program provides capabilities and tools that enable network administrators to know the state of their respective networks at any given time and understand the relative risks and threats, and that help system personnel identify and mitigate flaws at near-network speed.

DHS established the CDM program to support government efforts to provide adequate, risk-based, and cost-effective cybersecurity. CDM, which is also available to state, local, and tribal government entities, provides our stakeholders with the tools they need to protect their networks and enhance their ability to identify and mitigate cyber threats.

How CDM Works

The CDM program enables government entities to expand their continuous diagnostic capabilities by increasing their network sensor capacity, automating sensor collections, and prioritizing risk alerts.

CDM offers commercial off-the-shelf (COTS) tools, with robust terms for technical modernization as threats change. First, agency-installed sensors perform an automated search for known cyber flaws. Results feed into a local dashboard that produces customized reports, alerting network managers to their worst and most critical cyber risks based on standardized and weighted risk scores. Prioritized alerts enable agencies to efficiently allocate resources based on the severity of the risk. Progress reports track results and can be used to compare security posture among department/agency networks. Summary information can feed into an enterprise-level dashboard to inform and prioritize cyber risk assessments.

Continuous Diagnostics and Mitigation Process

