💼 ID.RA-03: Internal and external threats to the organization are identified and recorded

• Contextual name: 💼 ID.RA-03: Internal and external threats to the organization are identified and recorded
• ID: /frameworks/nist-csf-v2.0/id-ra/03
• Located in: 💼 Risk Assessment (ID.RA)

Description

1. Use cyber threat intelligence to maintain awareness of the types of threat actors likely to target the organization and the TTPs they are likely to use
2. Perform threat hunting to look for signs of threat actors within the environment
3. Implement processes for identifying internal threat actors

Similar

• Sections
  • /frameworks/nist-csf-v1.1/id-ra/03
  • /frameworks/nist-sp-800-53-r5/pm/12
  • /frameworks/nist-sp-800-53-r5/pm/16
  • /frameworks/nist-sp-800-53-r5/ra/03
  • /frameworks/nist-sp-800-53-r5/si/05

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 NIST CSF v1.1 → 💼 ID.RA-3: Threats, both internal and external, are identified and documented		7	7
💼 NIST SP 800-53 Revision 5 → 💼 PM-12 Insider Threat Program
💼 NIST SP 800-53 Revision 5 → 💼 PM-16 Threat Awareness Program	1
💼 NIST SP 800-53 Revision 5 → 💼 RA-3 Risk Assessment	4
💼 NIST SP 800-53 Revision 5 → 💼 SI-5 Security Alerts, Advisories, and Directives	1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (7)

Policy	Logic Count	Flags
📝 Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For App Services is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Containers is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Key Vault is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Servers is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On 🟢	1	🟢 x6
📝 Azure Subscription Microsoft Defender For Storage is not set to On 🟢	1	🟢 x6