United States Department of Defense Company Cyber Security Posture
defense.govThe mission of the Department of Defense is to provide military forces necessary to protect the security of our country. The U.S. military defends the homeland, deters adversaries, and builds security around the world by projecting U.S. influence and working with allies and partners. In case deterrence fails, the U.S. military is prepared to fight and win decisively against any adversary. Headed by Secretary of Defense Pete Hegseth, the Department is not only in charge of the military, it also employs a topnotch civilian workforce. With more than 1.3 million men and women on active duty, and 742,000 civilian personnel, we are also the nation's largest employer. The Pentagon, headquarters of the Department of Defense, is one of the largest office buildings in the world. Built in 1941 by the U.S. Army, the Pentagon has 17.5 miles of corridors yet it takes only seven minutes to walk between any two points in the building. Department of Defense personnel are the backbone of Americaโs national security. They represent the diverse makeup of our nation and support not only those on active duty but also families, veterans, and retirees through education, training, and benefit programs. Anything you want to do โ on land, sea, air, or space -- you can do in service to your nation by joining the Department of Defense. Search for Jobs and Internships at USAJobs.gov. http://dodcio.defense.gov/SocialMedia/UserAgreement.aspx
USDD Company Details
deptofdefense
65709 employees
1478950.0
928
Armed Forces
defense.gov
58
UNI_1268175
In-progress
USDD Risk Score (AI oriented)Between 900 and 1000
This score is AI-generated and less favored by cyber insurers, who prefer the TPRM score.
USDD Global Score.png)
United States Department of Defense Company Scoring based on AI Models
| Model Name | Date | Description | Current Score Difference | Score |
|---|---|---|---|---|
| AVERAGE-Industry | 03-12-2025 | This score represents the average cybersecurity rating of companies already scanned within the same industry. It provides a benchmark to compare an individual company's security posture against its industry peers. | N/A | Between 900 and 1000 |
United States Department of Defense Company Cyber Security News & History
| Entity | Type | Severity | Impact | Seen | Url ID | Details | View |
|---|---|---|---|---|---|---|---|
| United States Department of Defense | Cyber Attack | 100 | 7 | 08/2015 | UNI102224422 | Link | |
Rankiteo Explanation : Attack that could injure or kill peopleDescription: The computer system of the US defense department building, Pentagon suffered a cyberattack that resulted in a data breach incident. The attack resulted in major disruptions to the 4,000 military and civilian personnel who work for the Joint Chiefs of Staff. US officials investigated the incident and worked to restore its systems. | |||||||
| United States Department of Defense | Cyber Attack | 100 | 6 | 10/2018 | UNI141212522 | Link | |
Rankiteo Explanation : Attack threatening the economy of a geographical regionDescription: A California man along with his teammates targeted the United States Department of Defense in a sophisticated phishing attack. The crew scammed the Dod vendors by sending emails and presenting them with a lookalike login page of GSA and capturing their login credentials and hacking their accounts and routing payments to the shell entity they had set up for the attack. The attackers apparently collected about $23.5 million in payments from DoD before the scam and all the conspirators were put behind the bar. | |||||||
| United States Department of Defense | Cyber Attack | 60 | 6 | 06/2017 | UNI1235311022 | Link | |
Rankiteo Explanation : Attack threatening the economy of geographical regionDescription: The computer system of the US defense department was targeted by a cyber attack after a computer hacker stole hundreds of user accounts from a US military communications system. Additionally, NCA investigators discovered that Caffrey's machines were used to open and run a pseudonymous online messaging account connected to the attack. The compromised data includes usernames and email addresses of more than 800 users of a satellite communications system, as well as of about 30,000 satellite phones. According to the DoD, it cost about $628,000 to repair the harm the hacker's infiltration caused. | |||||||
| The US Department of Defense | Cyber Attack | 100 | 8 | 6/2024 | DEP902070724 | Link | |
Rankiteo Explanation : Attack that could bring to a warDescription: In 2022, a significant cyberattack targeted the KA-Sat consumer satellite broadband service, affecting the satellites and disrupting broadband services. Such a breach highlights the vulnerabilities and potential risks to national security posed by cyber threats to key satellite infrastructure. The severity of these disruptions in space has implications that can transcend beyond military communications, impacting various aspects of civilian life and the expansive global market that relies on satellite technology. The US military's Commercial Augmentation Space Reserve (CASR) initiative aims to improve resilience against such threats by partnering with the commercial space industry. | |||||||
| US Defense Department | Cyber Attack | 100 | 7 | 11/2024 | DEP001112324 | Link | |
Rankiteo Explanation : Attack that could injure or kill peopleDescription: US military trials of the autonomous robotic gun system 'Bullfrog,' developed by Allen Control Systems, indicate a shift towards more precise small arms fire for counter-drone measures. Utilizing a 7.62-mm M240 machine gun, the Bullfrog incorporates AI and computer vision software to accurately target and eliminate drone threats. The successful testing suggests an improvement in protective measures for US troops against low-cost adversarial drones, enhancing battlefield safety and tactical capabilities. With the potential to be the first lethal autonomous weapon in the US military's arsenal, the Bullfrog stands as a testament to the integration of advanced technology in defense strategies. | |||||||
| United States Department of Defense | Data Leak | 60 | 3 | 06/2017 | UNI954261123 | Link | |
Rankiteo Explanation : Attack with significant impact with internal employee data leaksDescription: The 25-year-old Sutton Coldfield, England hacker Sean Caffrey entered a guilty plea to obtaining user accounts from a communications system used by the US military. The NCA claims that the guy acknowledged in Birmingham Crown Court to having stolen data from 800 customers of a satellite communications system. According to the computer hacker, a US military communications system contained hundreds of user accounts that were stolen. In addition to almost 30,000 satellite phones, the hacker gained access to and took the ranks, usernames, and email addresses of over 800 subscribers of a satellite communications system. | |||||||
| Department of Defense | Vulnerability | 50 | 1 | 6/2025 | DEP306061125 | Link | |
Rankiteo Explanation : Attack without any consequencesDescription: The Department of Defense's enterprise Identity Credential and Access Management initiative is transitioning from traditional security models to modern authentication frameworks to address critical vulnerabilities identified in federal systems. This move is essential to counter evolving cyber threats without compromising collaborative capabilities. The initiative includes the creation of the DoD ICAM Federation Hub, which allows identity systems across military branches to provide cross-system security enforcement, eliminating delays and connection issues for warfighters. | |||||||
United States Department of Defense Company Subsidiaries
The mission of the Department of Defense is to provide military forces necessary to protect the security of our country. The U.S. military defends the homeland, deters adversaries, and builds security around the world by projecting U.S. influence and working with allies and partners. In case deterrence fails, the U.S. military is prepared to fight and win decisively against any adversary. Headed by Secretary of Defense Pete Hegseth, the Department is not only in charge of the military, it also employs a topnotch civilian workforce. With more than 1.3 million men and women on active duty, and 742,000 civilian personnel, we are also the nation's largest employer. The Pentagon, headquarters of the Department of Defense, is one of the largest office buildings in the world. Built in 1941 by the U.S. Army, the Pentagon has 17.5 miles of corridors yet it takes only seven minutes to walk between any two points in the building. Department of Defense personnel are the backbone of Americaโs national security. They represent the diverse makeup of our nation and support not only those on active duty but also families, veterans, and retirees through education, training, and benefit programs. Anything you want to do โ on land, sea, air, or space -- you can do in service to your nation by joining the Department of Defense. Search for Jobs and Internships at USAJobs.gov. http://dodcio.defense.gov/SocialMedia/UserAgreement.aspx
Access Data Using Our API
Get company history
Rapid.png)
USDD Cyber Security News
'Cyber security' behind decision to end defense satellite sharing of hurricane data
It is expected that the discontinuation of data from three defense weather satellites will severely impact hurricane forecasts this season andย ...
DARPA Calls on Industry to Assist With Improving, Strengthening DOD Cybersecurity
The program will provide seed funding to formal methods tool developers who partner with defense companies to apply formal methods tools andย ...
SealingTech Boosts Production of DoD Cyber Hunt Kits with NCS Technologies
None
DOD gets millions for cyber capabilities under GOP reconciliation package
The law establishes a $250 million investment for AI-related efforts at Cyber Command. Meanwhile, U.S. Indo-Pacific Command would get $1 millionย ...
IT Systems Annual Assessment: DOD Needs to Improve Performance Reporting and Cybersecurity Planning
The Department of Defense spent, or planned to spend, $10.9 billion to maintain its IT business programs in FYs 2023-25. In our annual assessment, we reviewedย ...
Marquis Who's Who Honors David K. Garton, DSc, MBA, as a Leading Expert in Cybersecurity and Digital Strategy
Over a career of more than 25 years, Dr. Garton has become recognized as a leading authority in cybersecurity and enterprise IT. He began hisย ...
Cyber Command significantly increases funding request for defense in Indo-Pacific region
Cyber Command has requested significantly more funds to support cyber defense in the Pacific region and the Pacific Deterrence Initiative.
After years of growth, DoD cyber workforce braces for reductions
Pentagon officials are focused on upskilling to help stem the loss of civilians and contractors in the DoD cyber workforce.
Cybersecurity, a family trade
VIRGINIA BEACH, Va. โ A unique pair of cybersecurity professionals has traveled from North Carolina to Virginia Beach.
USDD Similar Companies
British Army
Joining the British Army, youโll get much more from life than you ever would with a civilian career โ youโll have the opportunity to do something that really matters, with a team that are like family to you. The sense of belonging in the Army is next level: when youโve trained with each other and ov
United States Army Reserve
The U.S. Army Reserve's mission, under Title 10 of the U.S. code, is to provide trained and ready Soldiers and units with the critical combat service support and combat support capabilities necessary to support nation strategy during peacetime, contingencies and war. The Army Reserve is a key elemen
U.S. Coast Guard
The mission of the U.S. Coast Guard is to protect the public, the environment, and U.S. economic interests โ in the nation's ports and waterways, along the coast, on international waters, or in any maritime region as required to support national security. As one of the five branches of the Armed
Royal Navy
At sea, on land and in the air. The Royal Navy is made up of five arms. The might of ships in the Surface Fleet, the aerial strength that is the Fleet Air Arm, the covert Submarine Service, the elite and amphibious Royal Marines, and the civilian fleet central to our effectiveness, the Royal Fleet
Royal Navy
At sea, on land and in the air. The Royal Navy is made up of five arms. The might of ships in the Surface Fleet, the aerial strength that is the Fleet Air Arm, the covert Submarine Service, the elite and amphibious Royal Marines, and the civilian fleet central to our effectiveness, the Royal Fleet
Royal Air Force (RAF)
Todayโs RAF is the UKโs aerial, peacekeeping and fighting force. Itโs made up of full-time Regulars and spare-time Reserves who come from diverse backgrounds and work side-by-side to make a difference at home and abroad. When it comes to recruitment our focus is attracting the best personnel and ens
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
USDD CyberSecurity History Information
How many cyber incidents has USDD faced?
Total Incidents: According to Rankiteo, USDD has faced 7 incidents in the past.
What types of cybersecurity incidents have occurred at USDD?
Incident Types: The types of cybersecurity incidents that have occurred incidents Data Leak, Cyber Attack and Vulnerability.
What was the total financial impact of these incidents on USDD?
Total Financial Loss: The total financial loss from these incidents is estimated to be $24.13 million.
How does USDD detect and respond to cybersecurity incidents?
Detection and Response: The company detects and responds to cybersecurity incidents through remediation measures with Modernization of authentication frameworks, implementation of ICAM systems and enhanced monitoring with Real-time threat detection and recovery measures with US officials investigated the incident and worked to restore its systems.
Incident Details
Can you provide details on each incident?
Incident : Security Vulnerability
Title: Department of Defense Enterprise Identity Credential and Access Management Initiative
Description: The Department of Defenseโs enterprise Identity Credential and Access Management initiative is modernizing authentication frameworks to address critical vulnerabilities in federal systems. The shift from traditional security models to modern ICAM systems includes secure authentication, access control, recertification, automated account provisioning, and separation of duties.
Date Publicly Disclosed: 06-10-25
Type: Security Vulnerability
Vulnerability Exploited: Critical vulnerabilities in federal systems
Motivation: Enhancing cyber defense capabilities
Incident : Military Technology Advancement
Title: US Military Trials of Autonomous Robotic Gun System 'Bullfrog'
Description: US military trials of the autonomous robotic gun system 'Bullfrog,' developed by Allen Control Systems, indicate a shift towards more precise small arms fire for counter-drone measures. Utilizing a 7.62-mm M240 machine gun, the Bullfrog incorporates AI and computer vision software to accurately target and eliminate drone threats. The successful testing suggests an improvement in protective measures for US troops against low-cost adversarial drones, enhancing battlefield safety and tactical capabilities. With the potential to be the first lethal autonomous weapon in the US military's arsenal, the Bullfrog stands as a testament to the integration of advanced technology in defense strategies.
Type: Military Technology Advancement
Motivation: Enhancing protective measures for US troops against low-cost adversarial drones
Incident : Cyberattack
Title: KA-Sat Satellite Broadband Service Cyberattack
Description: In 2022, a significant cyberattack targeted the KA-Sat consumer satellite broadband service, affecting the satellites and disrupting broadband services. Such a breach highlights the vulnerabilities and potential risks to national security posed by cyber threats to key satellite infrastructure. The severity of these disruptions in space has implications that can transcend beyond military communications, impacting various aspects of civilian life and the expansive global market that relies on satellite technology. The US military's Commercial Augmentation Space Reserve (CASR) initiative aims to improve resilience against such threats by partnering with the commercial space industry.
Date Detected: 2022
Type: Cyberattack
Incident : Data Breach
Title: Hacker Sean Caffrey Pleads Guilty to Stealing US Military Satellite Communication Data
Description: Sean Caffrey, a 25-year-old hacker from Sutton Coldfield, England, pleaded guilty to stealing user accounts from a communications system used by the US military. The hacker obtained data from 800 customers of a satellite communications system, including ranks, usernames, and email addresses, as well as access to almost 30,000 satellite phones.
Type: Data Breach
Attack Vector: Unauthorized Access
Threat Actor: Sean Caffrey
Incident : Cyber Attack
Title: US Defense Department Cyber Attack
Description: The computer system of the US defense department was targeted by a cyber attack after a computer hacker stole hundreds of user accounts from a US military communications system.
Type: Cyber Attack
Attack Vector: Stolen User Accounts
Threat Actor: Computer Hacker
Incident : Phishing
Title: Phishing Attack on United States Department of Defense
Description: A California man along with his teammates targeted the United States Department of Defense in a sophisticated phishing attack. The crew scammed the Dod vendors by sending emails and presenting them with a lookalike login page of GSA and capturing their login credentials and hacking their accounts and routing payments to the shell entity they had set up for the attack. The attackers apparently collected about $23.5 million in payments from DoD before the scam and all the conspirators were put behind the bar.
Type: Phishing
Attack Vector: Email and fake login page
Vulnerability Exploited: Human vulnerability through phishing
Threat Actor: A California man and his teammates
Motivation: Financial gain
Incident : Cyberattack and Data Breach
Title: Pentagon Cyberattack and Data Breach
Description: The computer system of the US defense department building, Pentagon suffered a cyberattack that resulted in a data breach incident.
Type: Cyberattack and Data Breach
What are the most common types of attacks the company has faced?
Common Attack Types: The most common types of attacks the company has faced is Cyber Attack.
How does the company identify the attack vectors used in incidents?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Email.
Impact of the Incidents
What was the impact of each incident?
Incident : Cyberattack DEP902070724
Systems Affected: satellites, broadband services
Incident : Data Breach UNI954261123
Data Compromised: ranks, usernames, email addresses, satellite phone access
Systems Affected: satellite communications system
Incident : Cyber Attack UNI1235311022
Financial Loss: $628,000
Data Compromised: Usernames and email addresses of more than 800 users of a satellite communications system, as well as of about 30,000 satellite phones.
Systems Affected: US military communications system
Incident : Cyberattack and Data Breach UNI102224422
Downtime: Major disruptions
Operational Impact: Major disruptions to 4,000 military and civilian personnel who work for the Joint Chiefs of Staff
What is the average financial loss per incident?
Average Financial Loss: The average financial loss per incident is $3.45 million.
What types of data are most commonly compromised in incidents?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are ranks, usernames, email addresses, satellite phone access, Usernames, Email addresses and Login credentials.
Which entities were affected by each incident?
Incident : Security Vulnerability DEP306061125
Entity Type: Government
Industry: Defense
Location: United States
Size: Large
Incident : Cyberattack DEP902070724
Entity Type: Consumer Satellite Broadband Service
Industry: Telecommunications
Incident : Data Breach UNI954261123
Entity Type: Government
Industry: Defense
Location: United States
Customers Affected: 800
Incident : Cyber Attack UNI1235311022
Entity Type: Government
Industry: Defense
Location: United States
Incident : Cyberattack and Data Breach UNI102224422
Entity Type: Government
Industry: Defense
Location: United States
Response to the Incidents
What measures were taken in response to each incident?
Incident : Security Vulnerability DEP306061125
Remediation Measures: Modernization of authentication frameworks, implementation of ICAM systems
Enhanced Monitoring: Real-time threat detection
Incident : Cyberattack and Data Breach UNI102224422
Recovery Measures: US officials investigated the incident and worked to restore its systems
Data Breach Information
What type of data was compromised in each breach?
Incident : Data Breach UNI954261123
Type of Data Compromised: ranks, usernames, email addresses, satellite phone access
Number of Records Exposed: 800
Personally Identifiable Information: usernames, email addresses
Incident : Cyber Attack UNI1235311022
Type of Data Compromised: Usernames, Email addresses
Number of Records Exposed: 800 users, 30,000 satellite phones
Incident : Phishing UNI141212522
Type of Data Compromised: Login credentials
What measures does the company take to prevent data exfiltration?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Modernization of authentication frameworks, implementation of ICAM systems.
Ransomware Information
How does the company recover data encrypted by ransomware?
Data Recovery from Ransomware: The company recovers data encrypted by ransomware through US officials investigated the incident and worked to restore its systems.
Lessons Learned and Recommendations
What lessons were learned from each incident?
Incident : Security Vulnerability DEP306061125
Lessons Learned: Importance of modernizing authentication and anti-phishing security, real-time threat detection capabilities
Incident : Cyberattack DEP902070724
Lessons Learned: The incident highlights the vulnerabilities and potential risks to national security posed by cyber threats to key satellite infrastructure.
What recommendations were made to prevent future incidents?
Incident : Security Vulnerability DEP306061125
Recommendations: Adopt modern ICAM systems, implement federated partnerships
Incident : Cyberattack DEP902070724
Recommendations: The US military's Commercial Augmentation Space Reserve (CASR) initiative aims to improve resilience against such threats by partnering with the commercial space industry.
What are the key lessons learned from past incidents?
Key Lessons Learned: The key lessons learned from past incidents are Importance of modernizing authentication and anti-phishing security, real-time threat detection capabilitiesThe incident highlights the vulnerabilities and potential risks to national security posed by cyber threats to key satellite infrastructure.
What recommendations has the company implemented to improve cybersecurity?
Implemented Recommendations: The company has implemented the following recommendations to improve cybersecurity: Adopt modern ICAM systems, implement federated partnershipsThe US military's Commercial Augmentation Space Reserve (CASR) initiative aims to improve resilience against such threats by partnering with the commercial space industry..
References
Where can I find more information about each incident?
Incident : Security Vulnerability DEP306061125
Source: Federal News Network
URL: https://federalnewsnetwork.com/wp-content/uploads/2025/06/061025-OPTIVCLEARSHARK-BAASE-SEG-2.mp3
Date Accessed: 06-10-25
Where can stakeholders find additional resources on cybersecurity best practices?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: Federal News NetworkUrl: https://federalnewsnetwork.com/wp-content/uploads/2025/06/061025-OPTIVCLEARSHARK-BAASE-SEG-2.mp3Date Accessed: 06-10-25.
Initial Access Broker
How did the initial access broker gain entry for each incident?
Incident : Phishing UNI141212522
Entry Point: Email
High Value Targets: Vendors of DoD
Data Sold on Dark Web: Vendors of DoD
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident?
Incident : Security Vulnerability DEP306061125
Root Causes: Critical vulnerabilities in federal systems
Corrective Actions: Implementation of modern ICAM systems
Incident : Phishing UNI141212522
Root Causes: Human vulnerability to phishing attacks
What is the company's process for conducting post-incident analysis?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Real-time threat detection.
What corrective actions has the company taken based on post-incident analysis?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Implementation of modern ICAM systems.
Additional Questions
General Information
Who was the attacking group in the last incident?
Last Attacking Group: The attacking group in the last incident were an Sean Caffrey, Computer Hacker and A California man and his teammates.
Incident Details
What was the most recent incident detected?
Most Recent Incident Detected: The most recent incident detected was on 2022.
What was the most recent incident publicly disclosed?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 06-10-25.
Impact of the Incidents
What was the highest financial loss from an incident?
Highest Financial Loss: The highest financial loss from an incident was $23.5 million.
What was the most significant data compromised in an incident?
Most Significant Data Compromised: The most significant data compromised in an incident were ranks, usernames, email addresses, satellite phone access, Usernames and email addresses of more than 800 users of a satellite communications system, as well as of about 30,000 satellite phones. and Login credentials.
What was the most significant system affected in an incident?
Most Significant System Affected: The most significant system affected in an incident were satellites, broadband services and satellite communications system and US military communications system.
Data Breach Information
What was the most sensitive data compromised in a breach?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were ranks, usernames, email addresses, satellite phone access, Usernames and email addresses of more than 800 users of a satellite communications system, as well as of about 30,000 satellite phones. and Login credentials.
What was the number of records exposed in the most significant breach?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 31.6K.
Lessons Learned and Recommendations
What was the most significant lesson learned from past incidents?
Most Significant Lesson Learned: The most significant lesson learned from past incidents was Importance of modernizing authentication and anti-phishing security, real-time threat detection capabilities, The incident highlights the vulnerabilities and potential risks to national security posed by cyber threats to key satellite infrastructure.
What was the most significant recommendation implemented to improve cybersecurity?
Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was Adopt modern ICAM systems, implement federated partnerships, The US military's Commercial Augmentation Space Reserve (CASR) initiative aims to improve resilience against such threats by partnering with the commercial space industry..
References
What is the most recent source of information about an incident?
Most Recent Source: The most recent source of information about an incident is Federal News Network.
What is the most recent URL for additional resources on cybersecurity best practices?
Most Recent URL for Additional Resources: The most recent URL for additional resources on cybersecurity best practices is https://federalnewsnetwork.com/wp-content/uploads/2025/06/061025-OPTIVCLEARSHARK-BAASE-SEG-2.mp3 .
Initial Access Broker
What was the most recent entry point used by an initial access broker?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Email.
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Critical vulnerabilities in federal systems, Human vulnerability to phishing attacks.
What was the most significant corrective action taken based on post-incident analysis?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Implementation of modern ICAM systems.
What Do We Measure?
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
