DE.AE-02: Potentially adverse events are analyzed to better understand associated activities

Implementation Examples

Ex1: Use security information and event management (SIEM) or other tools to continuously monitor log events for known malicious and suspicious activity

Ex2: Utilize up-to-date cyber threat intelligence in log analysis tools to improve detection accuracy and characterize threat actors, their methods, and indicators of compromise

Ex3: Regularly conduct manual reviews of log events for technologies that cannot be sufficiently monitored through automation

Ex4: Use log analysis tools to generate reports on their findings
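The following is an added illustration of Ex1, Ex2 and Ex4 together, not part of the NIST text: a minimal log analyzer that checks each event against a threat-intelligence feed, carries the feed's actor and technique context into each finding, and summarizes the results as a report. The indicator feed and the log lines are constructed placeholder values, and the function and field names are the example's own.

```python
import re
from collections import Counter

# Constructed CTI feed (placeholder values, not real IoCs): actor and technique context.
INDICATORS = {
    "203.0.113.45": {"type": "ipv4", "actor": "ACTOR-A", "technique": "C2 beaconing"},
    "bad.example.invalid": {"type": "domain", "actor": "ACTOR-A", "technique": "phishing"},
    "deadbeef" * 8: {"type": "sha256", "actor": "unattributed", "technique": "known malware"},
}
# Constructed log events; only the last line is benign.
SAMPLE_LOGS = [
    "2024-05-01T10:00:01Z fw01 ALLOW src=10.0.0.7 dst=203.0.113.45 dport=443",
    "2024-05-01T10:00:05Z dns01 query host=ws17 name=bad.example.invalid type=A",
    "2024-05-01T10:00:09Z edr01 file_create host=ws17 sha256=" + "deadbeef" * 8,
    "2024-05-01T10:00:12Z fw01 ALLOW src=10.0.0.8 dst=198.51.100.10 dport=80",
]
# Candidate-token extractors per indicator type; every candidate is looked up in the feed.
EXTRACTORS = {
    "ipv4": re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"),
    "domain": re.compile(r"\b[a-z0-9.-]+\.[a-z]{2,}\b", re.IGNORECASE),
    "sha256": re.compile(r"\b[0-9a-f]{64}\b", re.IGNORECASE),
}

def analyze_event(line):
    """Return CTI matches for one log line as (indicator, context) pairs."""
    hits = []
    for ioc_type, pattern in EXTRACTORS.items():
        for token in pattern.findall(line):
            ctx = INDICATORS.get(token.lower())
            if ctx and ctx["type"] == ioc_type:  # type check avoids cross-type false hits
                hits.append((token.lower(), ctx))
    return hits

def analyze_logs(lines):
    """Ex1/Ex2: scan every event and record those matching known-bad indicators."""
    findings = []
    for n, line in enumerate(lines, 1):
        for indicator, ctx in analyze_event(line):
            findings.append({"event_no": n, "indicator": indicator,
                             "actor": ctx["actor"], "technique": ctx["technique"]})
    return findings

def summarize(findings, total_events):
    """Ex4: report for analyst review: flagged-event count and counts by actor/technique."""
    return {
        "events_analyzed": total_events,
        "events_flagged": len({f["event_no"] for f in findings}),
        "by_actor": dict(Counter(f["actor"] for f in findings)),
        "by_technique": dict(Counter(f["technique"] for f in findings)),
    }
```

Running `summarize(analyze_logs(SAMPLE_LOGS), len(SAMPLE_LOGS))` flags three of the four constructed events and attributes two of them to the same actor, which is the kind of characterization Ex2 calls for.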