Partners Portal | Compliance Guides

Comply with CISA Binding Operational Directive 23-01

The Cybersecurity and Infrastructure Security Agency (CISA) issued a Binding Operational Directive (BOD) on October 3, 2022 that requires all Federal Civilian Executive Branch (FCEB) agencies to improve asset visibility and vulnerability detection on federal networks. This directive is an extension of the President’s Executive Order on Cybersecurity (14028). 

Mandatory Cyber Asset Reporting Requirements for FCEB Agencies

All Federal Civilian Executive Branch (FCEB) agencies must take action and report to CISA by April 3, 2023.

  • Perform automated asset discovery of all IP-addressable assets every 7 days.
  • Initiate vulnerability enumeration every 14 days.
  • Upload vulnerability results into the Continuous Diagnostics and Mitigation (CDM) Agency Dashboard within 72 hours.
  • Initiate asset discovery and vulnerability enumeration on demand as required within 72 hours.

Binding Operational Directive 23-01

Learn how Sepio provides full visibility, control, and security for IT assets, ensuring protection against hardware-based threats. Download the Compliance Guide for more details

Download the Compliance Guide (.pdf)
Compliance-Guide_CISA-BOD-23-01