DE.CM-09—Computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events
>Control Description
This continuous monitoring subcategory ensures that computing hardware and software, runtime environments, and their data are monitored to find potentially adverse events. Key activities include: Monitor email, web, file sharing, collaboration services, and other common attack vectors to detect malware, phishing, data leaks and exfiltration,...; Monitor authentication attempts to identify attacks against credentials and unauthorized credential reuse; Monitor software configurations for deviations from security baselines.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkPCI DSS v4.0.1
via NIST OLIR CatalogISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
CCC-07
IVS-06
LOG-01
LOG-03
LOG-05
LOG-08
LOG-10
LOG-11
+5 more
CIS Controls v8.0
10.1
CIS Controls v8.1
10.1
CRI Profile v2.0
DE.CM-09
DE.CM-09.01
DE.CM-09.02
DE.CM-09.03
CSF v1.1
PR.DS-6
PR.DS-8
DE.CM-4
DE.CM-5
DE.CM-7
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 8.16
NICE Framework
DD-WRL-005
DD-WRL-007
IO-WRL-006
OG-WRL-016
PD-WRL-001
PD-WRL-004
PCI DSS
5.2.1
5.2.2
5.3.2
11.3.1
11.3.2
6.4.3
10.3.4
SCF
MON-01
MON-01.7
END-01
END-04
END-06
SP 800-171 Rev 3
03.01.03
03.03.03
03.04.02
03.04.03
03.12.03
03.14.06
SP 800-53 Rev 5.1.1
AC-04
AC-09
AU-12
CA-07
CM-03
CM-06
CM-10
CM-11
+4 more
SP 800-53 Rev 5.2.0
AC-04
AC-09
AU-12
CA-07
CM-03
CM-06
CM-10
CM-11
+4 more
Ask AI
Configure your API key to use AI features.