DCISE Resources

DCISE Resources and Partner Support

Find DCISE service offerings, partner engagement opportunities, threat intelligence products, incident-reporting guidance, malware submission resources, policy references, and contact information in one organized resource library.

 

DCISE Service Offerings

DCISE provides cybersecurity-as-a-service capabilities that help Defense Industrial Base partners identify risk, improve visibility, and strengthen enterprise resilience.

Threat Monitoring

DCISE3

Automated threat detection, scoring, and blocking with integrated DCISE threat intelligence.

Vulnerability Discovery

DIB Vulnerability Disclosure Program

Uses independent ethical researchers to identify vulnerabilities on publicly facing DIB infrastructure.

Explore the DIB-VDP

Network Visibility

DC3 ENSITE

Delivers near real-time threat intelligence and AI/ML-powered detection through a centralized dashboard.

Explore DC3 ENSITE

Partner Engagement

Events, Exercises, and Webinars

DCISE facilitates partner-focused events throughout the year to strengthen relationships, exchange threat information, and improve preparedness.

For event registration assistance, email DC3.DCISE@us.af.mil.

Partner Familiarization Event

An introductory meeting for newly onboarded partners covering points of contact, service offerings, and incident-reporting procedures.

Analyst-to-Analyst

Partner-driven exchanges focused on advanced persistent threat tactics, technology targeting, and current threat reporting.

Business-to-Business

Introduces DCISE products and services to partner points of contact and corporate leadership.

DC3 Technical Exchange

Biannual classified and unclassified meetings where partners and government stakeholders share threat briefs, tools, lessons learned, and industry insights.

Regional Partner Exchange

A regional event featuring tailored threat briefings, networking, partner presentations, panels, and collaboration.

DCISE F.I.R.E.

A one-day technology-supported tabletop exercise covering incident response, intrusion detection, and related skills.

DIB Webinar

Unclassified sessions on adversary techniques, cyber trends, and topics relevant to DIB partners.

Partner Essentials

A recurring introductory web conference series that helps partners stay informed and prepared.

Threat Intelligence Products

DCISE produces products ranging from rapid indicator sharing and partner notifications to detailed strategic cyber threat analysis.

Threat Information Product

Uses U.S. Government reporting to share relevant indicators of compromise and narrative context.

CRF Rollup and Supplement

Enriches DIB reporting with actionable indicators, threat context, and additional analysis when new data becomes available.

Cyber Targeting Analysis Report

Provides in-depth risk analysis of adversarial targeting of Department of War technologies, platforms, and systems.

Threat Activity Report

Analyzes threat actor tactics, techniques, and procedures used against DIB targets.

Alerts, Warnings, Advisories, and TIPPERs

Notify partners about cyber threats ranging from critical to situational.

Weekly Indicator Round-Up and Slick Sheets

Consolidate indicators and provide concise information on selected cyber topics.

Incident Reporting

Mandatory and Voluntary Reporting Guidance

Use the comparison below to understand contractual reporting requirements and when voluntary reporting can support broader DIB situational awareness.

Mandatory Reporting

Required under DFARS 252.204-7012 for cyber incidents that affect:

  • Covered Defense Information or the systems where it resides.
  • The contractor's ability to provide operationally critical support.

Submit an Incident Report

Voluntary Reporting

Supports situational awareness, indicator sharing, and crowdsourcing of threat information when Department of War information is not affected.

  • Threat actor activity.
  • Suspicious files or malware.
  • Phishing activity.
  • Reconnaissance or exploitation attempts.

Malware and Forensic Analysis

DCISE is the point of contact for submitting malware and related files to the DC3 Cyber Forensics Laboratory for quick triage or in-depth examination.

Electronic Malware Submission Portal

Submit malware and suspicious files through the secure EMS portal.

Open the EMS Portal

Automated Malware Response

Receive automated analysis results, typically in less than 15 minutes, including antivirus checks, file attributes, notable strings, and YARA signature matches.

Submission Guidance

Malware and supporting files can be submitted with a voluntary or mandatory Incident Collection Format report.

Do not email malware directly to DCISE personnel.

Policy and Regulation

Policy and Regulatory Resources

Use these references for DIB cybersecurity activities, incident-reporting requirements, cloud services, and prohibited technologies.

32 CFR Part 236

Defense Industrial Base Cybersecurity Activities.

View 32 CFR Part 236

DFARS 252.204-7012

Safeguarding Covered Defense Information and Cyber Incident Reporting.

View DFARS 252.204-7012

DFARS 252.239-7010

Cloud Computing Services.

View DFARS 252.239-7010

FAR 52.204-23

Prohibition on contracting for certain covered hardware, software, and services.

View FAR 52.204-23

FAR 52.204-25

Prohibition on certain telecommunications and video surveillance services or equipment.

View FAR 52.204-25
Frequently Asked Questions

DCISE Partner Support FAQ

Expand a question below for common guidance on partner contacts, certificates, incident reporting, and account transitions.

Email DC3.DCISE@us.af.mil with your name, email address, and phone number.

Points of contact must have a Department of War-approved Medium Assurance Certificate and a signed Non-Disclosure Agreement.

Certificates are obtained directly from approved vendors, including IdenTrust and WidePoint.

Submit reports through the Incident Collection Format portal or call the DCISE hotline at 410-981-0104.

Email DC3.DCISE@us.af.mil with the name and contact information for the new designated point of contact.

Need additional help?

The DCISE team can assist with incident reporting, partner support, event registration, malware submission, and unanswered questions.

DCISE Inbox: DC3.DCISE@us.af.mil
DCISE Hotline: 410-981-0104