Collect, alert, review, and retain audit logs of events that could help detect, understand, or recover from an attack.
Solutions
APPLICATIONS SOFTWARE SECURITY
Definition
Manage the security life cycle of in-house developed, hosted, or acquired software to prevent, detect, and remediate security weaknesses before they can impact the enterprise.
Solutions
ACCOUNT MANAGEMENT
Definition
Use processes and tools to assign and manage authorization to credentials for user accounts, including administrator accounts, as well as service accounts to enterprise assets and software.
Solutions
ACCESS CONTROL MANAGEMENT
Definition
Use processes and tools to create, assign, manage, and revoke access credentials and privileges for user, administrator, and service accounts for enterprise assets and software.
Solutions
Continuous Vulnerability Management
Data Protection
Data Recovery
Email and Web Browser Protection
Access Control Management
Account Management
Applications Software Security
Audit Log Management
EMAIL AND WEB PROTECTION
Definition
Improve protections and detections of threats from email and web vectors, as these are opportunities for attackers to manipulate human behavior through direct engagement.
Solutions
DATA RECOVERY
Definition
Establish and maintain data recovery practices sufficient to restore in-scope enterprise assets to a pre-incident and trusted state.
Solutions
DATA PROTECTION
Definition
Develop processes and technical controls to identify, classify, securely handle, retain, and dispose of data.