DE.CM-09:

Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events

Implementation Examples

Ex1:

Monitor email, web, file sharing, collaboration services, and other common attack vectors to detect malware, phishing, data leaks and exfiltration, and other adverse events

Ex2:

Monitor authentication attempts to identify attacks against credentials and unauthorized credential reuse

Ex3:

Monitor software configurations for deviations from security baselines

Ex4:

Monitor hardware and software for signs of tampering

Ex5:

Use technologies with a presence on endpoints to detect cyber health issues (e.g., missing patches, malware infections, unauthorized software), and redirect the endpoints to a remediation environment before access is authorized

Frameworks and Controls

NIST Cybersecurity Framework V2.0

GV: Govern
ID: Identify
PR: Protect
DE: Detect
- Continuous Monitoring (DE.CM)
- Adverse Event Analysis (DE.AE)
RS: Respond
RC: Recover

CMMC Level 1

NIST SP 800-171
- CMMC Level 2 - NIST SP 800-171 r2
CMMC Level 3

DE.CM-09:

Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events

Implementation Examples

Ex1:

Ex2:

Ex3:

Ex4:

Ex5:

Peaches.Cloud

Quick Links

Contact

Support Our Research