💼 RS.MI-01: Incidents are contained
- ID:
/frameworks/nist-csf-v2.0/rs-mi/01
Description
- Cybersecurity technologies (e.g., antivirus software) and cybersecurity features of other technologies (e.g., operating systems, network infrastructure devices) automatically perform containment actions
- Allow incident responders to manually select and perform containment actions
- Allow a third party (e.g., internet service provider, managed security service provider) to perform containment actions on behalf of the organization
- Automatically transfer compromised endpoints to a remediation virtual local area network (VLAN)
Similar
- Sections
/frameworks/nist-csf-v1.1/rs-mi/01/frameworks/nist-sp-800-53-r5/ir/04
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST CSF v1.1 → 💼 RS.MI-1: Incidents are contained | 7 | 7 | no data | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 IR-4 Incident Handling | 15 | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (7)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For App Services is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Containers is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Key Vault is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Servers is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On🟢 | 1 | 🟢 x6 | no data |
| 🛡️ Azure Subscription Microsoft Defender For Storage is not set to On🟢 | 1 | 🟢 x6 | no data |