The DEFEND Act amends Title III of the Homeland Security Act to force a focused, multi-year analytical effort on how foreign-linked unmanned aircraft systems (UAS) — including those supplied to or used by terrorist groups, proxies, or state actors — could be used to surveil, attack, or otherwise threaten the U.S. homeland. Rather than a single study, the bill prescribes a recurring product suite: a classified assessment with a required unclassified public annex and a near-term congressional briefing.
Beyond analysis, the bill directs DHS to turn findings into operational outputs: recommendations, training modules, and exercises for federal, state, local, Tribal, and territorial law enforcement, and a formal channel for private-sector counter-UAS expertise to feed into DHS thinking. For compliance officers, procurement leads, and security planners, the DEFEND Act signals likely demand for counter-UAS systems, training services, interagency coordination, and changes to port and border risk assessments.
At a Glance
What It Does
Sets a required content structure for DHS assessments — listing specific threat vectors (e.g., swarms, AI-enabled autonomy, WMD payloads, smuggling methods) — and requires classified delivery with an unclassified annex and a speedy classified briefing to congressional homeland security committees.
Who It Affects
DHS components and interagency partners (DOD, ODNI), state and local law enforcement that will receive training modules, counter-UAS and sensor vendors positioned to supply technology or expertise, and port, border, and critical-infrastructure operators whose risk profiles the assessments will analyze.
Why It Matters
The bill formalizes a repeatable intelligence-to-preparedness pipeline focused specifically on foreign-linked UAS threats, likely shaping procurement priorities, R&D investments, regulatory attention to drone-origin supply chains, and how federal and local responders prepare for swarm or contamination scenarios.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
The bill inserts a new Section 324 into Title III of the Homeland Security Act. That section requires DHS to deliver a comprehensive body of work on foreign-linked UAS threats: not just a single report but recurring, topic-driven assessments.
The statute identifies a menu of analytic areas DHS must cover — from how adversaries acquire and smuggle UAS into conflict zones to the operational use of swarms, autonomous targeting, encrypted links, and even repurposed agricultural sprayers to deliver chemical or biological payloads. DHS must also examine water-launched drones and container- or vehicle-launched deployments that have direct implications for seaports and land-border security.
The bill prescribes how DHS must produce and share the product. Each assessment will be classified, but DHS must also prepare an unclassified annex for public posting and provide a classified briefing to the designated congressional homeland security committees shortly after submission.
DHS must consult across the Homeland Security Enterprise and with DOD, ODNI, and other agencies as it prepares these assessments. The statute explicitly directs DHS to engage highly accomplished private-sector counter-UAS practitioners to inform analysis and to leverage field-proven technologies observed in real conflicts.The statute goes beyond analysis and requires DHS to translate lessons learned into practical preparedness work: recommendations, training modules, and exercises for federal, State, local, Tribal, and territorial law enforcement.
The bill defines key terms — notably ‘‘covered foreign country’’ (tied to the intelligence community’s Annual Threat Assessment or DHS/DNI designation) and ‘‘covered unmanned aircraft system’’ (capturing UAS by origin of manufacture, components, software, or data storage). That definition targets supply-chain and software ties as much as whole-platform origin, which broadens the scope of systems DHS will consider when assessing risk.Mechanically, DHS must deliver the first assessment within a defined short window after enactment and then repeat the product on a yearly basis for a six-year window.
The statute does not appropriate new funding; it instead assigns content, coordination, and outreach obligations to DHS and its partners, institutionalizing a recurring analytic and preparedness agenda focused on the nexus of foreign influence, technology evolution, and homeland vulnerability.
The Five Things You Need to Know
DHS must produce the first assessment within 270 days of enactment and then annually thereafter for six years.
Each assessment is submitted in classified form, but DHS must publish an unclassified annex of the report on its website.
The Secretary must provide a classified briefing to the House and Senate homeland security committees within seven days of submitting each assessment.
The statute defines a 'covered unmanned aircraft system' broadly: any UAS with critical components, flight controllers, ground control software, or network/storage ties to a covered foreign country.
Required analytic topics explicitly include swarm tactics, AI/autonomy and anti-jam adaptations, water- or container-launched UAS, and assessments of UAS-delivered chemical/biological/radiological payload risks.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Short title
Names the bill the 'Detecting and Evaluating Foreign Exploitation of Novel Drones Act' or 'DEFEND Act.' This is the act’s formal caption and has no operational effect beyond identification.
Delivery schedule and reporting targets
Specifies the timing: the initial assessment is due 270 days after enactment and then annually for six years. The scheduling establishes a temporary but multi-year analytic program rather than a permanent new office or continuous requirement. Agencies and planners should expect recurring deliverables and short-term program lifecycle planning tied to that six-year horizon.
Required analytic scope and topic list
Provides a detailed checklist of topics DHS must analyze — from acquisition and smuggling methods through the operational use of UAS for ISR, kinetic attacks, swarm operations, autonomous targeting, and potential WMD delivery. For practitioners, this is the operational scope DHS must cover and will shape what intelligence and open-source inputs the department prioritizes when compiling the assessment.
Preparedness outputs, consultation, and private-sector collaboration
Requires DHS to turn analysis into training modules, exercises, and recommendations for federal, state, local, Tribal, and territorial law enforcement. It mandates interagency consultation (DOD, ODNI, and others) and explicitly authorizes DHS to seek collaboration with private sector counter-UAS leaders with real-world deployment experience — creating a formal pathway for industry tactics and technologies to inform government planning while also raising questions about selection, compensation, and information security for industry partners.
Delivery format and congressional notification
Requires the full assessment to be classified but compels DHS to prepare and post an unclassified annex for public consumption. It also requires a classified briefing to the designated congressional homeland security committees within seven days of report submission, compressing congressional oversight timelines and requiring DHS to have classified materials and briefings ready on short notice.
Definitions of covered terms
Establishes definitional rules for 'covered foreign country,' 'covered foreign adversary,' and 'covered unmanned aircraft system.' Notably, the covered UAS definition is tethered to origin of manufacture or the provenance of key components, software, or data storage — which pushes analysis toward supply-chain and software-origin risk assessments rather than only whole-platform origin determinations.
This bill is one of many.
Codify tracks hundreds of bills on Defense across all five countries.
Explore Defense in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- State, local, Tribal, and territorial law enforcement: they receive standardized training modules and exercises informed by conflict-tested tactics, improving recognition and response to UAS-enabled incidents.
- Federal homeland security planners and DHS components: gain a recurring, structured analytic product focused on foreign-linked UAS threats that can inform strategy, procurement priorities, and interagency coordination.
- Counter-UAS technology vendors and private-sector experts: stand to gain market demand and official pathways to influence DHS priorities through mandated collaboration and information-sharing.
- Critical infrastructure owners/operators (ports, transit agencies, utilities): receive clearer threat intelligence and recommendations that can be used to update security plans and investments.
Who Bears the Cost
- Department of Homeland Security: must allocate analytic, policy, and outreach resources to meet the annual classified reporting, produce public annexes, and develop training without dedicated appropriations in the statute.
- Private-sector entities providing expertise: may face obligations to share operational data or participate in exercises, raising potential costs, IP exposure, and classification-handling burdens.
- State and local jurisdictions and smaller ports: may need to absorb the costs of implementing recommended training, acquiring counter-UAS tools, or changing procedures without guaranteed federal funding.
- Commercial supply-chain actors and drone manufacturers: could face increased scrutiny, reputational risk, or indirect regulatory pressure if their components are identified in future assessments as tied to covered foreign countries.
Key Issues
The Core Tension
The central dilemma is trade-off between operational secrecy and public preparedness: Congress requires detailed, classified analysis and rapid briefings to oversight committees while also demanding public annexes and actionable training for civilian responders — balancing the need to protect sources, methods, and commercial secrets against the imperative to inform and prepare frontline agencies and the public creates unavoidable friction and implementation choices with no single right answer.
The bill sets a wide analytic aperture without providing appropriations or creating a dedicated program office, which creates an operational tension: DHS must deliver technically detailed, classified products and operational training packages on a fixed timetable but must do so within existing resourcing lines unless Congress separately funds the effort. That raises real risks of either diverting staff from other priorities or producing lower-quality products if analytic tradecraft and interagency data access are insufficient.
The statute’s broad definitions of 'covered unmanned aircraft system' (covering components, software, or data storage origin) improve analytic reach but risk sweeping in commercially ubiquitous upstream parts and cloud services, complicating trade and compliance posture for benign importers and integrators. The mandate to engage 'highly accomplished' private-sector counter-UAS firms brings operational expertise but introduces information-security and conflict-of-interest issues: how DHS selects and compensates such firms, and how proprietary methods observed in conflict zones are validated and sanitized for domestic use, are unresolved.
Finally, the mix of classified reporting and a public annex poses publication challenges: DHS will need clear redaction standards so the unclassified annex is useful without jeopardizing sources, methods, or sensitive industry data.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.