πΌ RS.MI-02: Incidents are eradicated
- Contextual name: πΌ RS.MI-02: Incidents are eradicated
- ID:
/frameworks/nist-csf-v2.0/rs-mi/02 - Located in: πΌ Incident Mitigation (RS.MI)
Descriptionβ
- Cybersecurity technologies and cybersecurity features of other technologies (e.g., operating systems, network infrastructure devices) automatically perform eradication actions
- Allow incident responders to manually select and perform eradication actions
- Allow a third party (e.g., managed security service provider) to perform eradication actions on behalf of the organization
Similarβ
- Sections
/frameworks/nist-csf-v1.1/rs-mi/02/frameworks/nist-sp-800-53-r5/ir/04
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST CSF v1.1 β πΌ RS.MI-2: Incidents are mitigated | 7 | 7 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ IR-4 Incident Handling | 15 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (7)β
| Policy | Logic Count | Flags |
|---|---|---|
| π Azure Subscription Microsoft Defender For (Managed Instance) Azure SQL Databases is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For App Services is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Containers is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Key Vault is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Servers is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For SQL Servers On Machines is not set to On π’ | 1 | π’ x6 |
| π Azure Subscription Microsoft Defender For Storage is not set to On π’ | 1 | π’ x6 |