💼 Security Continuous Monitoring (DE.CM)
- ID:
/frameworks/nist-csf-v1.1/de-cm
Description​
The information system and assets are monitored to identify cybersecurity events and verify the effectiveness of protective measures.
Similar​
- Internal
- ID:
dec-b-2337b3d5
- ID:
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 DE.CM-1: The network is monitored to detect potential cybersecurity events | 18 | 63 | no data | ||
| 💼 DE.CM-2: The physical environment is monitored to detect potential cybersecurity events | no data | ||||
| 💼 DE.CM-3: Personnel activity is monitored to detect potential cybersecurity events | 20 | 26 | no data | ||
| 💼 DE.CM-4: Malicious code is detected | 7 | 7 | no data | ||
| 💼 DE.CM-5: Unauthorized mobile code is detected | 11 | 12 | no data | ||
| 💼 DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events | 6 | 7 | no data | ||
| 💼 DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed | 18 | 24 | no data | ||
| 💼 DE.CM-8: Vulnerability scans are performed | 7 | 7 | no data |