πΌ DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events
- Contextual name: πΌ DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events
- ID:
/frameworks/nist-csf-v1.1/de-cm/06 - Located in: πΌ Security Continuous Monitoring (DE.CM)
Descriptionβ
Empty...
Similarβ
- Sections
/frameworks/iso-iec-27001-2013/14/02/07/frameworks/iso-iec-27001-2013/15/02/01/frameworks/nist-sp-800-53-r4/ca/07/frameworks/nist-sp-800-53-r4/ps/07/frameworks/nist-sp-800-53-r4/sa/04/frameworks/nist-sp-800-53-r4/sa/09/frameworks/nist-sp-800-53-r4/si/04
- Internal
- ID:
dec-c-4b704a52
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ ISO/IEC 27001:2013 β πΌ A.14.2.7 Outsourced development | ||||
| πΌ ISO/IEC 27001:2013 β πΌ A.15.2.1 Monitoring and review of supplier services | ||||
| πΌ NIST SP 800-53 Revision 4 β πΌ CA-7 CONTINUOUS MONITORING | 3 | |||
| πΌ NIST SP 800-53 Revision 4 β πΌ PS-7 THIRD-PARTY PERSONNEL SECURITY | ||||
| πΌ NIST SP 800-53 Revision 4 β πΌ SA-4 ACQUISITION PROCESS | 10 | |||
| πΌ NIST SP 800-53 Revision 4 β πΌ SA-9 EXTERNAL INFORMATION SYSTEM SERVICES | 5 | |||
| πΌ NIST SP 800-53 Revision 4 β πΌ SI-4 INFORMATION SYSTEM MONITORING | 24 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v2.0 β πΌ DE.CM-06: External service provider activities and services are monitored to find potentially adverse events | 27 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (7)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account Multi-Region CloudTrail is not enabled π’ | 1 | π’ x6 |
| π AWS CloudTrail Log File Validation is not enabled π’ | 1 | π’ x6 |
| π Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON π’ | 1 | π’ x6 |
| π Azure SQL Server Auditing is not enabled π’ | 1 | π’ x6 |
| π Azure SQL Server Auditing Retention is less than 90 days π’ | 1 | π’ x6 |
| π Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests π’ | 1 | π’ x6 |
| π Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-36ced3d1 | 1 | |
| βοΈ dec-x-89d5ed7a | 1 | |
| βοΈ dec-x-611eaa35 | 1 | |
| βοΈ dec-x-850beea8 | 1 | |
| βοΈ dec-x-b1e1a494 | 1 | |
| βοΈ dec-x-db1b7a1b | 1 | |
| βοΈ dec-z-3f480eb5 | 1 |