SAMMY UI is optimized for resolutions with a width 1024px and higher.
Cybersecurity Fundamentals
Browse Cybersecurity...
DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed
DE.AE-2: Detected events are analyzed to understand attack targets and methods
DE.AE-3: Event data are collected and correlated from multiple sources and sensors
DE.AE-4: Impact of events is determined
DE.AE-5: Incident alert thresholds are established
DE.AE-1.1
DE.AE-1.1: The organization shall ensure that a baseline of network operations and expected data flows for its critical systems is developed, documented and maintained to track events.
  • Consider enabling local logging on all your systems and network devices and keep them for a certain period, for example up to 6 months.
  • Ensure that your logs contain enough information (source, date, user, timestamp, etc.) and that you have enough storage space for their generation.
  • Consider centralizing your logs.
  • Consider deploying a Security Information and Event Management tool (SIEM) that will facilitate the correlation and analysis of your data.
Description

The organization shall ensure that a baseline of network operations and expected data flows for its critical systems is developed, documented and maintained to track events.