0
Skip to Content
Japh On Tech InfoSec
Japh On Tech InfoSec
Rules
Licensing
Account
Libaries
Threats
MITRE ATTACK Techniques
CIS Control Library
HIPAA Control Library
ISO 27001 Library
NIST Control Library
PCI Control Library
GDPR Library
PSD2 (Payment Services Directive 2) Library
AML&KYC Library
Blog
Archive
About
Search
Japh On Tech InfoSec
Japh On Tech InfoSec
Rules
Licensing
Account
Libaries
Threats
MITRE ATTACK Techniques
CIS Control Library
HIPAA Control Library
ISO 27001 Library
NIST Control Library
PCI Control Library
GDPR Library
PSD2 (Payment Services Directive 2) Library
AML&KYC Library
Blog
Archive
About
Search
Rules
Licensing
Account
Folder: Libaries
Back
Threats
MITRE ATTACK Techniques
CIS Control Library
HIPAA Control Library
ISO 27001 Library
NIST Control Library
PCI Control Library
GDPR Library
PSD2 (Payment Services Directive 2) Library
AML&KYC Library
Blog
Archive
About
Search
RS.MI-3: Mitigation
Network, Monitoring, Communication, Incident Response, Investigation, Analysis, Mitigation Jeremy Pickett 2/20/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis, Mitigation Jeremy Pickett 2/20/25

RS.MI-3: Mitigation

Newly identified vulnerabilities are mitigated or documented as accepted risks.

Read More
RS.MI-2: Mitigation
Network, Monitoring, Communication, Incident Response, Investigation, Analysis, Mitigation Jeremy Pickett 2/19/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis, Mitigation Jeremy Pickett 2/19/25

RS.MI-2: Mitigation

Incidents are mitigated.

Read More
RS.MI-1: Mitigation
Network, Monitoring, Communication, Incident Response, Investigation, Analysis, Mitigation Jeremy Pickett 2/18/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis, Mitigation Jeremy Pickett 2/18/25

RS.MI-1: Mitigation

Incidents are contained.

Read More
RS.AN-5: Analysis
Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/17/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/17/25

RS.AN-5: Analysis

Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g., internal testing, security bulletins, or security researchers).

Read More
RS.AN-4: Analysis
Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/14/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/14/25

RS.AN-4: Analysis

Incidents are categorized consistent with response plans.

Read More
RS.AN-3: Analysis
Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/13/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/13/25

RS.AN-3: Analysis

Forensic data is collected.

Read More
RS.AN-2: Analysis
Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/12/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/12/25

RS.AN-2: Analysis

The impact of the incident is understood.

Read More
RS.AN-1: Analysis
Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/11/25 Network, Monitoring, Communication, Incident Response, Investigation, Analysis Jeremy Pickett 2/11/25

RS.AN-1: Analysis

Notifications from detection systems are investigated

Read More
RS.CO-5: Communications
Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/10/25 Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/10/25

RS.CO-5: Communications

Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness.

Read More
RS.CO-4: Communications
Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/7/25 Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/7/25

RS.CO-4: Communications

Coordination with stakeholders occurs consistent with response plans.

Read More
RS.CO-3: Communications
Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/6/25 Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/6/25

RS.CO-3: Communications

Information is shared consistent with response plans.

Read More
RS.CO-2: Communications
Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/5/25 Network, Monitoring, Communication, Incident Response Jeremy Pickett 2/5/25

RS.CO-2: Communications

Incidents are reported consistent with established criteria.

Read More
RS.CO-1: Communications
Network, Monitoring, Communication Jeremy Pickett 2/4/25 Network, Monitoring, Communication Jeremy Pickett 2/4/25

RS.CO-1: Communications

Personnel know their roles and order of operations when a response is needed.

Read More
RS.RP-1: Response Planning
Network, Monitoring, Roles, Responsibilities Jeremy Pickett 2/3/25 Network, Monitoring, Roles, Responsibilities Jeremy Pickett 2/3/25

RS.RP-1: Response Planning

Response plan is executed during or after an event.

Read More
DE.DP-5: Detection Processes
Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/31/25 Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/31/25

DE.DP-5: Detection Processes

Detection processes are continuously improved.

Read More
DE.DP-4: Detection Processes
Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/30/25 Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/30/25

DE.DP-4: Detection Processes

Event detection information is communicated to appropriate parties.

Read More
DE.DP-3: Detection Processes
Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/29/25 Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/29/25

DE.DP-3: Detection Processes

Detection processes are tested.

Read More
DE.DP-2: Detection Processes
Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/28/25 Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/28/25

DE.DP-2: Detection Processes

Detection activities comply with all applicable requirements.

Read More
DE.DP-1: Detection Processes
Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/27/25 Network, Monitoring, Roles, Responsibilities Jeremy Pickett 1/27/25

DE.DP-1: Detection Processes

Roles and responsibilities for detection are well defined to ensure accountability.

Read More
DE.CM-8: Security Continuous Monitoring
Network, Monitoring, Unauthorized Code, Vulnerability Scans Jeremy Pickett 1/24/25 Network, Monitoring, Unauthorized Code, Vulnerability Scans Jeremy Pickett 1/24/25

DE.CM-8: Security Continuous Monitoring

Vulnerability scans are performed.

Read More
Older Posts

Contact: jeremy@japhontech.com : : japhontech, LLC