Title

Applications related to incident tracking must support organizational requirements to employ automated mechanisms to assist in the tracking of security incidents. (Cat II impact)

Discussion

Incident tracking is a method of monitoring networks and systems for activity indicative of viral infection or system attack. Monitoring for this type of activity provides the organization with the capability to proactively detect and respond to attacks. Automated mechanisms for tracking security incidents and collecting/analyzing incident information include, the Einstein network monitoring device and monitoring online Computer Incident Response Centers (CIRCs) or other electronic databases of incidents. Rationale for non-applicability: The MDM SRG covers the centralized management of audit logs and alerts, which is closely integrated with tracking of security incidents.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-46795r1_rule

Vulnerability ID: V-35508

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.