DE.AE-03: Information is correlated from multiple sources

Description

[csf.tools Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

Ex1: Constantly transfer log data generated by other sources to a relatively small number of log servers

Ex2: Use event correlation technology (e.g., SIEM) to collect information captured by multiple sources

Ex3: Utilize cyber threat intelligence to help correlate events among log sources

1st: 1st Party Risk