Election Security Tools & Resources

CIS and the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) provide many resources to support the cybersecurity needs of the election community. The resources below include guidance on security best practices developed by a global community of cybersecurity experts, that are tailored for the unique nature of election security.

Tools & Training

Various cybersecurity tools and training resources to help elections officials protect their systems and data.


Weekly News Alert

A non-technical publication for EI-ISAC members that provides news summaries and commentary on items of interest to the elections community.

For more information, contact [email protected] or [email protected]

Cybersecurity Spotlights

A short non-technical explanation of a common cybersecurity term or practice, and its application to elections infrastructure.

Arrow View all Cybersecurity Spotlights 

Malicious Code Analysis Platform (MCAP)

MCAP is a web-based service which allows members to submit suspicious files for analysis in a controlled and non-public fashion. MCAP also enables users to perform threat analysis based on domain, IP address, URL, HASH, and various IOCs.

MCAP users are able to obtain the results from analysis, behavioral characteristics and additional detailed information which allows users to remediate the incident in a timely manner. This communication with our members provides the EI-ISAC with the situational awareness needed to assess the malware threat characteristics facing our SLTT government entities on a national level.

Arrow Login to MCAP

Elections Security Checklist

A checklist that highlights key services recommended in A Handbook for Elections Infrastructure Security and available opportunities to implement them.

Arrow Download 

Technology Recommendations for Federal Election Security Funding

Identifies tools that can improve an election office’s cybersecurity posture in accordance with funding provided to states through the Election Assistance Commission.

Arrow Download 


Video tutorials for EI-ISAC services and non-technical explanations of cybersecurity topics to help secure elections agencies.

Arrow View Election Related Videos


Blog posts covering multiple cybersecurity topics including hardening elections infrastructure and limiting cyber threats.

Arrow View Election Related Blogs 

Table Top Exercises

The EI-ISAC supports national and local cyber exercises.

For more information, contact [email protected] or [email protected]

Incident Response Checklist

Learn how to identify, respond to, and communicate information about a breach.

Arrow Download 


Bi-monthly national webinars examine critical and timely cybersecurity issues to provide participants with quality information in an interactive format. Attendees receive practical advice that can be applied immediately.

Arrow View all Webinars 


Multiple guides to help elections agencies secure infrastructure, procurements, and more.


A Handbook for Elections Infrastructure Security

Protect your election's infrastructure with this free best practices handbook providing 88 best practices covering election management systems, voter registration systems, electronic pollbooks, vote capture devices, and results publishing.

  Arrow Search Best Practices

A Guide for Ensuring Security in Election Technology Procurements

Computer hardware, software, and services are often procured from various providers and are essential for an election organization to execute its mission. You can view the guidebook online and use the Searchable Best Practices Database to filter and export the appropriate procurement guidance for each of your IT projects.

  Arrow Search Best Practices

Security Best Practices for Non-Voting Election Technology Guide

An extension of the Handbook for Election Infrastructure Security, these security best practices cover America’s non-voting election technology. Find best practices on hosting and architecture, servers and workstations, software applications, data management, and administration in one place.

Arrow Download


The Rapid Architecture-Based Election Technology Verification (RABET-V) is an election technology verification process that supports rapid product changes by design. These documents give an overview of the process and a thorough review of the first pilot testing e-pollbook and election night reporting technologies.

Arrow Download RABET-V Overview Whitepaper Arrow Download RABET-V Pilot Final Report

Managing Cybersecurity Supply Chain Risks in Election Technology

This guide for election technology providers continues our approach of providing best practices for specific problem areas identified to CIS by the election community. It contains recommendations and best practices to address that need for cybersecurity risks, and refers to these other CIS documents to describe a holistic, consistent approach to risk management.

Arrow Download

Technical Resources

Technical resources to help elections officials harden their systems and data from cyber threats.


Monthly Advisory Summary

Summary of critical vulnerabilities identified in the previous month, along with recommendations for how executives should coordinate patching with their IT staff.

For more information, contact [email protected] or [email protected]

Weekly Top Attacking IPs and Domains

Weekly reports are provided highlighting malicious IPs and domains the EI-ISAC has identified through monitoring during the past seven days.

For more information, contact [email protected] or [email protected]


Anomali is the ISAC’s STIX/TAXII offering that includes two tools for analyzing and sharing indicators, STAXX and Threatstream. STAXX is a free tool that can subscribe to and publish STIX/TAXII feeds. EI-ISAC members also receive access to Anomali Threatstream, which is an advanced platform for threat information sharing, research and analysis.

For more information, contact [email protected] or [email protected]

Security Primers

Short documents to help bring elections officials up-to-speed on various cybersecurity threats such as ransomware.

Arrow View Security Primers 

CIS SecureSuite Membership

CIS SecureSuite Membership gives organizations around the world access to a collection of integrated cybersecurity resources such as CIS-CAT Pro Assessor, remediation content, and CIS-CAT Pro Dashboard. All of these tools help users evaluate and apply secure configuration settings to laptops, servers, network devices, and more. CIS SecureSuite Membership is free for U.S. SLTT organizations.

Arrow Enroll in CIS SecureSuite Membership


Multiple cybersecurity services help elections agencies review and improve their cybersecurity defenses.

Arrow View Services

Security Operations Center (SOC)

24/7 Security Operations Center staffed with cyber defense experts.

Computer Emergency Response Team (CERT)

The Computer Emergency Response Team (CERT) helps elections officials respond to cybersecurity incidents.

IP and Domain Monitoring

Monitoring alerts election offices on suspicious activity involving their IPs and domains.

Quarterly Threat Report

A summary of event-related data that may be of interest to elections officials, derived from the EI-ISAC's network monitoring services, information reported by trusted partners, gathered from open sources, and incidents responded to by the EI-ISAC. This report is intended to provide situational awareness of the elections community cyber risk landscape and should be used to assist election officials and their IT staff in their own analysis of the active information security threats facing their organizations.

Quarterly Call

Each quarter, a cybersecurity call to review current topics affecting elections agencies.

Cyber Alerts

Alerts about cybersecurity vulnerabilities that may affect elections agencies.

Threat notification

EI-ISAC analysts work with trusted affiliates to conduct research and gather intelligence about cyber threats (such as website defacements) targeting elections or elections-affiliated systems. Notices are sent to impacted EI-ISAC members based on predetermined escalation procedures. The EI-ISAC also provides recommended remediation steps and technical assistance.

Nationwide Cybersecurity Review (NCSR)

The Nationwide Cybersecurity Review (NCSR) is an annual survey that helps elections agencies assess and understand their cyber defenses.

Arrow View

Homeland Security Information Network (HSIN)

The Homeland Security Information Network (HSIN) is a portal for sharing sensitive, unclassified cybersecurity information.

Arrow View

Election Day Cyber Situational Awareness Room

Every election day, the EI-ISAC operates a Situational Awareness Room to allow members and designated partners the opportunity to collaborate, share information, and provide observations in real time.

Emergency Conference Calls

Members have access to conference calls to brief all members on major incidents or emerging events.


Albert Network Monitoring provides a signature-based intrusion detection system (IDS) for protecting elections agencies.

Arrow Learn more

Security Assessment and Consulting

Elections agencies can engage in cybersecurity assessments and consulting.

Arrow Learn more

Partner Resources

Resources from partners to help secure elections agencies.

CISA Election Security

Arrow View

EAC Election Security Preparedness

Arrow View

Google Protect Your Election

Arrow View

Cloudflare Athenian Project

Arrow View

Global Cyber Alliance Cybersecurity Toolkit for Elections

Arrow View