Skip to main content

💼 DE.CM-06: External service provider activities and services are monitored to find potentially adverse events

  • Contextual name: 💼 DE.CM-06: External service provider activities and services are monitored to find potentially adverse events
  • ID: /frameworks/nist-csf-v2.0/de-cm/06
  • Located in: 💼 Continuous Monitoring (DE.CM)

Description

  1. Monitor remote and onsite administration and maintenance activities that external providers perform on organizational systems
  2. Monitor activity from cloud-based services, internet service providers, and other service providers for deviations from expected behavior

Similar

  • Sections
    • /frameworks/nist-csf-v1.1/de-cm/06
    • /frameworks/nist-csf-v1.1/de-cm/07
    • /frameworks/nist-sp-800-53-r5/ca/07
    • /frameworks/nist-sp-800-53-r5/ps/07
    • /frameworks/nist-sp-800-53-r5/sa/04
    • /frameworks/nist-sp-800-53-r5/sa/09
    • /frameworks/nist-sp-800-53-r5/si/04

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST CSF v1.1 → 💼 DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events66
💼 NIST CSF v1.1 → 💼 DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed1823
💼 NIST SP 800-53 Revision 5 → 💼 CA-7 Continuous Monitoring610
💼 NIST SP 800-53 Revision 5 → 💼 PS-7 External Personnel Security
💼 NIST SP 800-53 Revision 5 → 💼 SA-4 Acquisition Process12
💼 NIST SP 800-53 Revision 5 → 💼 SA-9 External System Services811
💼 NIST SP 800-53 Revision 5 → 💼 SI-4 System Monitoring2518

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags

Policies (31)

PolicyLogic CountFlags
📝 AWS Account Multi-Region CloudTrail is not enabled 🟢1🟢 x6
📝 AWS API Gateway API Access Logging in CloudWatch is not enabled 🟢1🟠 x1, 🟢 x5
📝 AWS API Gateway API Execution Logging in CloudWatch is not enabled 🟢1🟢 x6
📝 AWS API Gateway REST API Stage X-Ray Tracing is not enabled 🟢1🟢 x6
📝 AWS CloudFront Distribution Logging is not enabled 🟢1🟢 x6
📝 AWS CloudTrail Log File Validation is not enabled 🟢1🟢 x6
📝 AWS CloudTrail S3 Bucket Access Logging is not enabled. 🟢1🟢 x6
📝 AWS DMS Migration Task Logging is not enabled 🟢1🟢 x6
📝 AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check 🟢1🟢 x6
📝 AWS EC2 Security Group allows public IPv4 (0.0.0.0/0) access to admin ports 🟢1🟢 x6
📝 AWS EC2 Security Group allows public IPv6 (::/0) access to admin ports 🟢1🟢 x6
📝 AWS S3 Bucket Server Access Logging is not enabled 🟢1🟢 x6
📝 AWS VPC Flow Logs are not enabled 🟢1🟠 x1, 🟢 x5
📝 Azure Diagnostic Setting for Azure Key Vault is not enabled 🟢🟢 x3
📝 Azure PostgreSQL Flexible Server connection_throttle.enable Parameter is not set to ON 🟢1🟢 x6
📝 Azure PostgreSQL Flexible Server log_checkpoints Parameter is not set to ON 🟢1🟢 x6
📝 Azure PostgreSQL Flexible Server log_retention_days Parameter is less than 4 days 🟢1🟢 x6
📝 Azure PostgreSQL Single Server log_connections Parameter is not set to ON 🟢1🟢 x6
📝 Azure PostgreSQL Single Server log_disconnections Parameter is not set to ON 🟢1🟢 x6
📝 Azure SQL Server Auditing is not enabled 🟢1🟢 x6
📝 Azure SQL Server Auditing Retention is less than 90 days 🟢1🟢 x6
📝 Azure Storage Blob Logging is not enabled for Read, Write, and Delete requests 🟢1🟢 x6
📝 Azure Storage Queue Logging is not enabled for Read, Write, and Delete requests 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Network Security Group does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Create or Update Security Solution does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Create Policy Assignment does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Network Security Group does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Policy Assignment does not exist 🟢1🟢 x6
📝 Azure Subscription Activity Log Alert for Delete Security Solution does not exist 🟢1🟢 x6
📝 Google Cloud Audit Logging is not configured properly 🟢1🟢 x6
📝 Google GCE Subnetwork Flow Logs are not enabled 🟢1🟢 x6