💼 ID.RA-03: Internal and external threats to the organization are identified and recorded

• ID: /frameworks/nist-csf-v2.0/id-ra/03

Description

1. Use cyber threat intelligence to maintain awareness of the types of threat actors likely to target the organization and the TTPs they are likely to use
2. Perform threat hunting to look for signs of threat actors within the environment
3. Implement processes for identifying internal threat actors

Similar

• Sections
  • /frameworks/nist-csf-v1.1/id-ra/03
  • /frameworks/nist-sp-800-53-r5/pm/12
  • /frameworks/nist-sp-800-53-r5/pm/16
  • /frameworks/nist-sp-800-53-r5/ra/03
  • /frameworks/nist-sp-800-53-r5/si/05

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST CSF v1.1 → 💼 ID.RA-3: Threats, both internal and external, are identified and documented		7	7		no data
💼 NIST SP 800-53 Revision 5 → 💼 PM-12 Insider Threat Program					no data
💼 NIST SP 800-53 Revision 5 → 💼 PM-16 Threat Awareness Program	1				no data
💼 NIST SP 800-53 Revision 5 → 💼 RA-3 Risk Assessment	4		1		no data
💼 NIST SP 800-53 Revision 5 → 💼 SI-5 Security Alerts, Advisories, and Directives	1				no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (7)

Policy	Logic Count	Flags	Compliance
🛡️ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For App Services is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Containers is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Key Vault is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Servers is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On🟢	1	🟢 x6	no data
🛡️ Azure Subscription Microsoft Defender For Storage is not set to On🟢	1	🟢 x6	no data