💼 Anomalies and Events (DE.AE)

• Contextual name: 💼 Anomalies and Events (DE.AE)
• ID: /frameworks/nist-csf-v1.1/de-ae
• Located in: 💼 NIST CSF v1.1

Description

Anomalous activity is detected and the potential impact of events is understood.

Similar

• Internal
  • ID: dec-b-18b8c0de

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed		10	14
💼 DE.AE-2: Detected events are analyzed to understand attack targets and methods		18	23
💼 DE.AE-3: Event data are collected and correlated from multiple sources and sensors		18	37
💼 DE.AE-4: Impact of events is determined		13	13
💼 DE.AE-5: Incident alert thresholds are established