DE.AE-07: Cyber threat intelligence and other contextual information are integrated into the analysis

Info icon.

Subcategory is new to this version of the framework and incorporates the following item from the previous version: DE.AE-3: Event data are collected and correlated from multiple sources and sensors.


[ Note: Subcategories do not have detailed descriptions. However NIST has provided the following implementation examples.]

Implementation Examples

Ex1: Securely provide cyber threat intelligence feeds to detection technologies, processes, and personnel

Ex2: Securely provide information from asset inventories to detection technologies, processes, and personnel

Ex3: Rapidly acquire and analyze vulnerability disclosures for the organization's technologies from suppliers, vendors, and third-party security advisories

1st: 1st Party Risk