SI-4(2): Automated Tools For Real-Time Analysis

Control Family:

System And Information Integrity

Parent Control:

SI-4: Information System Monitoring

Priority:

CSF v1.1 References:

Threats Addressed:

Baselines:

  • Moderate
  • High

Next Version:

Control Statement

The organization employs automated tools to support near real-time analysis of events.

Supplemental Guidance

Automated tools include, for example, host-based, network-based, transport-based, or storage-based event monitoring tools or Security Information and Event Management (SIEM) technologies that provide real time analysis of alerts and/or notifications generated by organizational information systems.

Related Controls

Critical Security Controls Version 8