Create your own awesome maps

Even on the go

with our free apps for iPhone, iPad and Android

Get Started

Already have an account?
Log In

The National Security Agency — Operates more than 500 separate signals intelligence platforms Employs roughly 30,000 civilians and military Budget: $10 billion by Mind Map: The National Security Agency
Operates more than 500
separate signals intelligence

Employs roughly 30,000 civilians 
and military

Budget: $10 billion
5.0 stars - 5 reviews range from 0 to 5

The National Security Agency — Operates more than 500 separate signals intelligence platforms Employs roughly 30,000 civilians and military Budget: $10 billion

F6: Special Collection Service HQ (Beltsville, MD) — Joint CIA/NSA field collection agency operating from embassies and other denied locations. Director reports to DIRNSA


SI or COMINT -- denotes sensitive SiGINT, DNI and cyber sources and methods

ECI -- protects NSA relationships with other government agencies and private companies.

ECI-FGT --> SCS Product

ECI-AMB Ambulate

ECI-PIQ Picaresque


VRK -- exceptionally sensitive sources of national and strategic importance

RAGTIME -- protects "product " gathered from FISA intercepts

Large domestic operating field sites

Columbia, MD

Friendship Annex, Linthicum, MD

Finksberg, MD

Bowie, MD

College Park, MD

Ft. Belvoir, VA

Fairfax, VA

Washington, DC

Ft. Detrick (Site R)

Camp Williams, UT

NSA Georgia (Ft. Gordon)

NSA Texas (Lackland AFB, San Antonio)

Greenville, TX

NSA Hawaii (Kunia)

NSA Denver (Aurora), co-located with CIA's National Resources Division

NSA Oak Ridge (Tennessee)


Winter Harbor, ME

Formerly: Sugar Grove, WV, Rosman, NC TIMBERLINE

NSA Continuity of Government site

NSA CMOC -- Cheyenne Mounfain

Main Databases and SIGINT architecture

Aquador — Merchant ship tracking tool

NUCLEON — Global telephone content database

AIRGAP — Priority missions tool used to determine SIGINT gaps

HOMEBASE — A tactical tasking tool for digital network identification

SNORT — Repository of computer network attack techniques/coding


WIRESHARK — Repository of malicious network signatures

TRAFFICTHIEF — Raw SIGINT viewer for data analysis


BANYAN — NSA tactical geospatial correlation database

MESSIAH/WHAMI — ELINT processing and analytical database

MAINWAY — Telephony metadata collection database

ONEROOF — Main tactical SIGINT database (Afghanistan), consisting of raw and unfiltered intercepts, associated with Coastline tool


MARINA — Internet metadata collection database

ASSOCIATION — Tactical SIGINT social network database




PROTON — SIGINT database for database for time-sensitive targets/counterintelligence

Criss-Cross tool

PINWALE — SIGINT content database



OCTAVE/CONTRAOCTIVE — Collection mission tasking tool -- where "selectors" live

CONVEYENCE DNI content database

ANCHORY — Main repository of finished NSA SIGINT reports (associated with MAUI)

WRANGLER — Electronic Intelligence intercept raw database




Analytical Systems

Unified Targeting Tool










CASPORT -- main NSA corporate / access identification tool used to control product dissemination

DISHFIRE -- Associational and relational database for political and strategic intelligence by key selectors


CULTWEAVE Priority SIGINT Database

Broom Stick


AGILITY - Database of foreign intelligence selectors

TURMOIL -- fiber switch collection database

Transit Switch / Hub Collection and Processing Tools





Reporting tools


Voice master

Center mass

Gist Queue


NSA Field Stations — Remote collection and analytical facilities

F7: Meade Operations Center — 24/7 SIGINT support to deployed military units

SORC/FP: Special Operations Readiness Cells (Focal Point) — Support to special operations forces as part of the Focal Point Special Access Program

Foreign Affairs Directorate — Liaison with foreign intelligence services, counter-intelligence centers, UK/USA and FIVE EYES exchanges

Office of Export Control Policy

NSA Acquisitions and Procurement Directorate

Program Executive Office — Oversees acquisition of major NSA backbone projects like TRAILBLAZER, CMM, REBA, JOURNEYMAN, and ICEBERG

VOXGLO -- major cyber and enterprising computing project

Advanced Analytical Laboratory

Corporate Assessments Offices

Rebuilding Analysis Program Office

Knowledge System Prototype Program Office

Maryland Procurement Office

Acquisitions Program Manager for Signals Intelligence

Acquisitions Program Manager for Research

Acquisition Logistics Integrated Product Team

Information Assurance Directorate

IC: Cyber Integration Division

IE: Engagement Division

Client Engagement and Community Outreach Group

Interagency Operations Security Support Staff (OPSEC)

I2: Trusted Engineering Solutions

I2N: Office of National and Nuclear Command Capabilities — Provides the launch codes for nuclear weapons, Electronic Key Support Central Management Facility — Provides over-the-air code keying for the entire national security establishment

I3: Information Operations

Mission Integration Office

Technical Security Evaluations

Red Cell — Conducts surprise penetrations of U.S. government networks

Blue Cell — Conducts audits of U.S. government networks

HUNT: Advanced adversary network penetration cell — Monitors NSA networks 24/7 to detect advanced cyber penetrations

Joint Communications Security Monitoring Agency

I4: Fusion, Analysis, Mitigation

Research Directorate

R1: Math

R2: Trusted Systems

R3: LPS — Physical science lab

R4: LTS — Telecom science lab ( high-speed networks, wireless communications, and quantum key distribution)

R05: Center for the Advanced Study of Language

R6: Computer and Information Science

RX: Special Access Programs/Compartmented Research

Signals Intelligence Directorate

S1: Customer Relations

A&R Watch (K Watch Ops) 199

S11: Customer Gateway

S12: Information Sharing and Services Branch

S124: Staff Services Division

S2: Analysis and Production

FISA Special Adjudication Office — Provides 24/7 support to each product line shift to facilitate rapid FISA processing

NSA Product Lines, S2A: South Asia, S25A51 -- South Asian Language Analysis Branch, S25A52 -- South Asian Reporting Branch, S2B: China and Korea, S2C: International Security, S2C42 -- Western Europe and Strategic Partnership Division, S2C41 Mexico Team, I, S2D: Counter-foreign intelligence, S2E: Middle East/Asian, S2F: International Crime, S2G: Counterproliferation, S2H: Russia, S2I: Counterterrorism, S2IX: Special Counterterrorism Operations, S2I42 -- Hezbollah Team, S2I43 -- NOM Team, S2I5 -- AAP (PSP analytical unit), S2J: Weapons and Space, S2T: Current Threats, S2T3: NSA/CSS Threat Operations Center, S2X: ??, Each production line has a language analysis branch, a reporting branch, a compliance branch, a technical branch, and a customer services branch

S3: Data Acquisition

S31: Cryptologic Exploitation Services, Signals and Surveys Analysis Division, Technical Exploitation Center, Project BULLRUN, S3132: Protocol, Exploitation, and Dissemination Cell — Shunts SIGINT by type to databases, Target Office of Primary Interest, S31174 Office of Target Pursuit

S32: Tailored Access Operations, Network Warfare Team — Liaison with military, S321: Remote Operations Center, Network Ops Center, Operational Readiness, Interactive Operations Division, Production Operations Division, Access Operations Division — Works with CIA's Technology Management Office to break into hard-to-reach networks, Project GENIE, S323: Data Network Technologies (researches how to penetrate secure networks), FG3223: Media Exploitation and Analysis, S324: Telecommunications Network Technologies — Develops technologies to penetrate telecom networks, S325: Mission Infrastructure Technologies — Operational computer network exploitation and enemy infrastructure vulnerability mapping, S327: Targeting and Requirements, S328: Access Technologies Operations (computer network attack) — Works with CIA's TMO, S32P. TAO Program Planning Integration

S33: Link Access // Global Access Operations, S332: Terrestrial SIGINT, S333: Overhead SIGINT, Overhead Collection Management Center, U2 PMO, RC / GUAR, EP3 PMO, SSPO, S33P ISR Portfolio Management Office, S33P2 Technology Integration Division, S33P3 Tactical SIGINT Technology Office, AIRSTEED Program Office — Cell phone tracking, Tactical Platforms Division, Community ELINT Management Office, OCEANSURF Program Office — $450m systems engineering hub

S34: Collection Strategies and Requirements Center, S342: Collection Coordination and Strategies, S343: Targeting and Mission Management — Approves targets for analysts/makes sure that SIGINT targeting matches intelligence requirements, S344: Partnership and Enterprise Management

S35 Special Source Operations, Program Offices, 35333: PRISM Program Office, BLARNEY program office -- PRISM cooperative switch collection // filtered target metadata, CHASEFALCON — Unknown major program office, S352: PRINTAURA — NSA unit involved in data filtering; program office for TRAFFICTHIEF tool, OCELOT (FORNSAT), Crosshair Net Management Center/Crosshair Support Center — Directing finding, Radio Frequency Targeted Operations Office, RFTO Special Projects Office, VOXGLO — Unknown major program office, V34 -- Next Generation Wireless (NGW) exploitation program, Corporate Partner Access PMO, OAKSTAR -- company cooperative switch collection, LITHIUM, FAIRVIEW program office -- International Transit Switch Collection, SILVERZEPHYR -- International Transit Switch Collection (Latin America), STEELKNIGHT Corporate Partner, STORMBREW -- International Transit Switch Collection, ORANGEBLOSSOM -- International Transit Switch Collection

SV -- Signals Intelligence Directorate Oversight and Compliance

SV4 FISA Compliance and Processing

SSG -- SIGDEV Strategy and Governance

T: Technical Directorate

TE: Enterprise Systems Engineering and Architecture

TS: Information Systems and Security

Public Key Infrastructure (PKI) Program Management Office (PMO)

TT: Independent Test and Evaluation

T1: Mission Capabilities

T132 — The "scissors" team: division that physically separates traffic by type once it's been ingested

Strategic SATCOM Security Engineering Office

T2: Business Capabilities

T3: Enterprise IT Services

T3221: Transport Field Services

T334: National Signals Processing Center

T335: Deployable Communications Operations

T5: CARILLION — High performance computing center

T6: Technical SIGINT and Ground Capabilities

OTRS -- Office of Target Reconnaissance and Survey -- provides rapid technological solutions for tactical SIGINT problems

Information Technology Infrastructure Services (ITIS) System Office

L: Installation and Logistics

M: Human Resources — Q: Security and Counterintelligence

Q2: Office of Military Personnel

Q3: Office of Civilian Personnel

QJ1: HR operations/global personnel SA

Q43: Information Policy Division

Q5: Office of Security

Q509: Security Policy Staff

Q51: Physical Security Division

Q52: Field Security Division


Q56: Security Awareness

Q57: Polygraph

Q7: Counterintelligence

Cross-functional units // co-located with SID S2 Production Lines

National Security Operations Center — Main NSA intelligence watch facility

DECKPIN — NSA crisis cell activated during emergencies

CMM — Cryptologic Management Mission program office

Integrated Broadcast Support Services Office — Provides SIGINT "RSS" feeds to customers

DEFSMAC: Defense Special Missile and Aerospace Center

NSA/CSS Commercial Solutions Center

NSA/CSS Threat Operations Center — Main cyber watch center

Office of Analysis

Unified Cryptologic Architecture Office


Systems Engineering/Architecture Analyses and Issues



Planning and Financial Management

Plans and Exercise Office

NSA Continuity Programs Office

Military Exercise Office

Continuity Engineering Office

J2 Cryptologic Intelligence Unit (collects intelligence on worldwide cryptologic efforts).

Directorate for Education and Training

Directorate for Corporate Leadership