NIST CSC Control PR.IP-12: A Vulnerability Management Plan is Developed and Implemented

NIST CSC Control PR.PT-1: Audit/Log Records Are Determined, Documented, Implemented, and Reviewed in Accordance with Policy

NIST CSF Control DE.AE-2: Detected Events Are Analyzed to Understand Attack Targets and Methods

NIST CSF Control DE.AE-3: Event Data Are Aggregated and Correlated from Multiple Sources and Sensors

NIST CSF Control DE.AE-5: Incident Alert Thresholds Are Established

NIST CSF Control DE.CM-3: Personnel Activity Is Monitored to Detect Potential Cybersecurity Events

NIST CSF Control DE.CM-4: Malicious Code Is Detected

NIST CSF Control DE.CM-7: Monitoring for Unauthorized Personnel, Connections, Devices, and Software Is Performed

NIST CSF Control DE.CM-8: Vulnerability Scans Are Performed

NIST CSF Control DE.DP-4: Event Detection Information Is Communicated to Appropriate Parties

NIST CSF Control ID.AM-1: Physical Devices and Systems within the Organization Are Inventoried

NIST CSF Control ID.AM-5: Resources (E.G., Hardware, Devices, Data, and Software) Are Prioritized Based on their Classification, Criticality, and Business Value

NIST CSF Control ID.RA-1: Asset Vulnerabilities Are Identified and Documented

NIST CSF Control ID.RA-2: Threat and Vulnerability Information is Received from Information Sharing Forums and Sources

NIST CSF Control PR.AC-1: Identities and Credentials Are Managed for Authorized Devices and Users

NIST CSF Control RS.AN-3: Forensics Are Performed