💼 CC7.2-1 Implements Detection Policies, Procedures, and Tools
- Contextual name: 💼 CC7.2-1 Implements Detection Policies, Procedures, and Tools
- ID: /frameworks/soc-2/cc7/02/01
- Located in: 💼 CC7.2 The entity monitors system components and the operation of those components for anomalies that are indicative of malicious acts, natural disasters, and errors affecting the entity's ability to meet its objectives; anomalies are analyzed to determine whether they represent security events.
Description
Detection policies and procedures are defined and implemented, and detection tools are implemented on Infrastructure and software to identify anomalies in the operation or unusual activity on systems. Procedures may include (1) a defined governance process for security event detection and management that includes provision of resources; (2) use of intelligence sources to identify newly discovered threats and vulnerabilities; and (3) logging of unusual system activities.
Similar
- Internal
- ID: dec-c-b18dc75d
- ID:
Sub Sections
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
Policies (7)
Policy | Logic Count | Flags |
---|---|---|
Google Cloud PostgreSQL Instance Log_error_verbosity Database Flag is not set to DEFAULT or stricter 🟢 | 1 | 🟢 x6 |
Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On 🟢 | 1 | 🟢 x6 |
Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On 🟢 | 1 | 🟢 x6 |
Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter 🟢 | 1 | 🟢 x6 |
Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning 🟢 | 1 | 🟢 x6 |
Google Cloud PostgreSQL Instance Log_statement Database Flag is not set appropriately 🟢 | 1 | 🟢 x6 |
Google GCE Subnetwork Flow Logs are not enabled 🟢 | 1 | 🟢 x6 |