DE.CM-01 - Monitoring Networks for Adverse Events
DE.CM-01 focuses on continuously monitoring networks and network services, such as DNS and BGP, to detect potentially adverse events like unauthorized connections or traffic anomalies. This involves comparing real-time network flows against established baselines to identify deviations that could signal a security threat. It ensures visibility into network activity to catch issues early.
This subcategory strengthens proactive defense by monitoring both wired and wireless networks, including checking facilities for rogue access points, and by aligning monitoring efforts with risk priorities. It supports rapid detection of compromises by maintaining a comprehensive view of network behavior. DE.CM-01 is a cornerstone of network security vigilance.
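The baseline comparison described above, as an added Python example that is not part of the NIST CSF text: flow records are checked against a per-conversation byte baseline, flagging connections absent from the baseline and volumes that deviate from it. The flow tuple layout, addresses, `evaluate_flows` name, z-score threshold and sigma floor are assumptions, and all data is constructed.

```python
from statistics import mean, pstdev

# Constructed baseline: bytes per interval seen for each (src, dst, dst_port)
# conversation during normal operation.
BASELINE = {
    ("10.0.0.5", "10.0.0.53", 53): [1200, 1100, 1300, 1250, 1150],
    ("10.0.0.5", "10.0.1.20", 443): [50000, 52000, 48000, 51000, 49000],
}

# Constructed current-interval flows: (src, dst, dst_port, bytes).
CURRENT = [
    ("10.0.0.5", "10.0.0.53", 53, 1220),     # DNS to the usual resolver, normal volume
    ("10.0.0.5", "10.0.1.20", 443, 250000),  # known conversation, five times the usual volume
    ("10.0.0.5", "203.0.113.9", 53, 900),    # DNS to a resolver never seen in the baseline
]

def evaluate_flows(flows, baseline, z_threshold=3.0):
    """Return (finding, src, dst, port) for each flow that deviates from the baseline."""
    findings = []
    for src, dst, port, nbytes in flows:
        history = baseline.get((src, dst, port))
        if history is None:
            # No baseline entry at all: candidate unauthorized connection.
            findings.append(("unbaselined_connection", src, dst, port))
            continue
        mu = mean(history)
        # Floor sigma at 5% of the mean (assumed value) so a very flat
        # history does not turn ordinary jitter into an alert.
        sigma = max(pstdev(history), 0.05 * mu, 1.0)
        if abs(nbytes - mu) / sigma > z_threshold:
            findings.append(("volume_anomaly", src, dst, port))
    return findings

if __name__ == "__main__":
    for finding in evaluate_flows(CURRENT, BASELINE):
        print(finding)
```
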
