💼 Security Continuous Monitoring (DE.CM)

• Contextual name: 💼 Security Continuous Monitoring (DE.CM)
• ID: /frameworks/nist-csf-v1.1/de-cm
• Located in: 💼 NIST CSF v1.1

Description

The information system and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures.

Similar

• Internal
  • ID: dec-b-2337b3d5

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 DE.CM-1: The network is monitored to detect potential cybersecurity events		19	28
💼 DE.CM-2: The physical environment is monitored to detect potential cybersecurity events
💼 DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events		21	24
💼 DE.CM-4: Malicious code is detected		7	7
💼 DE.CM-5: Unauthorized mobile code is detected		11	11
💼 DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events		7	7
💼 DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed		19	23
💼 DE.CM-8: Vulnerability scans are performed		7	7