TVM-04: Detection Updates

CSF v1.1 References:

PF v1.0 References:

Info icon.

Control is new to this version of the control set.

Control Statement

Define, implement and evaluate processes, procedures and technical measures to update detection tools, threat signatures, and indicators of compromise on a weekly, or more frequent basis.

Implementation Guidance

A rolling schedule of detection, reporting, and mitigation should be established so that all actions to address threats and non-conformance are performed on time and reported to the integrated TVM system for monitoring and oversight. In addition, where applicable, implement automation so that threats and non-conformance are mitigated on time.

Auditing Guidance

  1. Examine policy for adequacy, currency, and effectiveness.
  2. Determine if technical measures are evaluated for effectiveness.
  3. Determine if updates and reviews of indicators are conducted at least weekly.

[ Note: For more information on the Cloud Controls Matrix, visit the CSA Cloud Controls Matrix Homepage.]

Cloud Control Matrix is Copyright 2023 Cloud Security Alliance.