Title

Applications providing notifications regarding suspicious events must include the capability to notify an organization-defined list of response personnel who are identified by name and/or by role. (Cat II impact)

Discussion

Incident response applications are by their nature designed to monitor, detect, and alarm on defined events occurring on the system or on the network. A large part of their functionality is accurate and timely notification of events. Notifications can be made more efficient by the creation of notification groups containing members who would be responding to a particular alarm or event. Rationale for non-applicability: The MDM SRG covers the mechanisms for security related alerts.

Check Content

This requirement is NA for the MAPP SRG.

Fix Text

The requirement is NA. No fix is required.

Additional Identifiers

Rule ID: SV-47009r1_rule

Vulnerability ID: V-35722

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.