Active Cyber Defence (ACD) – The Second Year Report

The Active Cyber Defence (ACD) programme seeks to reduce the harm from commodity cyber attacks against the UK. The new report (PDF), written by the NCSC’s Technical Director Ian Levy, presents an honest analysis of the outcomes achieved in the ACD’s second year of operation. It covers a range of services from within the ACD programme, which includes:

  • Takedown Service: removing malicious content so it can’t cause harm
  • Mail Check: helping domain owners understand and control abuse of their email


  • Domain Discovery: helping system owners understand what internet domains they

    have registered

  • Web Check: proactively scanning websites for simple vulnerabilities and issues
  • Protective DNS: protecting the public sector at scale from harmful internet stuff
  • Routing and signalling: protecting the protocols that route our traffic around the


  • Host-based capability: getting a handle on public sector IT
  • Vulnerability Disclosure Platform: making it easy to report vulnerabilities in govern

    ment services

  • Suspicious email incubator: building a service to help the public report on suspicious

    stuff and automatically take protective action

You can also read a blog post written by Ian Levy discussing the report and its impact.