💼 CC7.2-1 Implements Detection Policies, Procedures, and Tools

ID: /frameworks/soc-2/cc7/02/01

Description

Detection policies and procedures are defined and implemented, and detection tools are implemented on Infrastructure and software to identify anomalies in the operation or unusual activity on systems. Procedures may include (1) a defined governance process for security event detection and management that includes provision of resources; (2) use of intelligence sources to identify newly discovered threats and vulnerabilities; and (3) logging of unusual system activities.

Similar

Internal
- ID: dec-c-b18dc75d

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (7)

Policy	Logic Count	Flags	Compliance
🛡️ Google Cloud PostgreSQL Instance `Log_error_verbosity` Database Flag is not set to DEFAULT or stricter🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning🟢	1	🟢 x6	no data
🛡️ Google Cloud PostgreSQL Instance Log_statement Database Flag is not set appropriately🟢	1	🟢 x6	no data
🛡️ Google GCE Subnetwork Flow Logs are not enabled🟢	1	🟢 x6	no data

Description​

Similar​

Sub Sections​

Policies (7)​

Description

Similar

Sub Sections

Policies (7)