Critical Control 6 - Maintenance, Monitoring, and Analysis of Audit Logs
Collect, manage, and analyze audit logs of events that could help detect, understand, or recover from an attack.
DE.AE-1 A baseline of network operations and expected data flows for users and systems is established and managed
DE.AE-2 Detected events are analyzed to understand attack targets and methods
DE.AE-3 Event data are collected and correlated from multiple sources and sensors
DE.AE-4 Impact of events is determined
DE.AE-5 Incident alert thresholds are established
RS.AN-1 Notifications from detection systems are investigated
RS.AN-2 The impact of the incident is understood
RS.AN-3 Forensics are performed
RS.AN-4 Incidents are categorized consistent with response plans
RS.AN-5 Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g. internal testing, security bulletins, or security researchers)