Eleos | Home

Threat Management

Threat Intelligence Program

Level N/A

Mechanisms exist to implement a threat intelligence program that includes a cross-organization information-sharing capability that can influence the development of the system and security architectures, selection of security solutions, monitoring, threat hunting, response and recovery activities.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-01

Related

Compliance Framework

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

CERT RMM v1.2

CMMC v2.11

NIST 800-171 Rev 2

Control Number

5.7

PM-15

PM-16

ID.BE-2

ID.RA-3

OTA:SG1.SP2

OTA:SG2.SP1

CA.L2-3.12.3

SI.L2-3.14.3

RA.L3-3.11.1e

3.12.3

3.14.3

Solutions
Community

Threat Management

Indicators of Exposure (IOE)

Level N/A

Mechanisms exist to develop Indicators of Exposure (IOE) to understand the potential attack vectors that attackers could use to attack the organization.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-02

Related

Compliance Framework

ISO 27002:2022

Control Number

5.7

Solutions
Community

Threat Management

Threat Intelligence Feeds

Level N/A

Mechanisms exist to maintain situational awareness of evolving threats by leveraging the knowledge of attacker tactics, techniques and procedures to facilitate the implementation of preventative and compensating controls.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-03

Related

Compliance Framework

ISO 27002:2022

NIST 800-53 Rev 5

NIST CSF v1.1

CERT RMM v1.2

CMMC v2.11

NIST 800-171 Rev 2

Control Number

5.7

PM-16(1)

SI-5

SI-5(1)

ID.RA-2

RS.AN-5

COMM:SG2.SP1

COMM:SG2.SP2

SI.L1-b.1.xii

SI.L2-3.14.3

SI.L3-3.14.6e

3.14.3

Solutions
Community

Threat Management

Insider Threat Program

Level N/A

Mechanisms exist to implement an insider threat program that includes a cross-discipline insider threat incident handling team.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-04

Related

Compliance Framework

NIST 800-53 Rev 5

CERT RMM v1.2

Control Number

PM-12

IMC:SG1.SP1

Solutions
Community

Threat Management

Insider Threat Awareness

Level N/A

Mechanisms exist to utilize security awareness training on recognizing and reporting potential indicators of insider threat.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-05

Related

Compliance Framework

NIST 800-53 Rev 5

CMMC v2.11

Control Number

AT-2(2)

AT.L2-3.2.3

Solutions
Community

Threat Management

Vulnerability Disclosure Program (VDP)

Level N/A

Mechanisms exist to establish a Vulnerability Disclosure Program (VDP) to assist with the secure development and maintenance of products and services that receives unsolicited input from the public about vulnerabilities in organizational systems, services and processes.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-06

Related

Compliance Framework

NIST 800-53 Rev 5

Control Number

RA-5(11)

Solutions
Community

Threat Management

Threat Hunting

Level N/A

Mechanisms exist to perform cyber threat hunting that uses Indicators of Compromise (IoC) to detect, track and disrupt threats that evade existing security controls.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-07

Related

Compliance Framework

NIST 800-53 Rev 5

CMMC v2.11

Control Number

RA-10

SC-48

RA.L3-3.11.2e

Solutions
Community

Threat Management

Tainting

Level N/A

Mechanisms exist to embed false data or steganographic data in files to enable the organization to determine if data has been exfiltrated and provide a means to identify the individual(s) involved.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-08

Related

Compliance Framework

NIST 800-53 Rev 5

Control Number

SI-20

Solutions
Community

Threat Management

Threat Catalog

Level N/A

Mechanisms exist to develop and keep current a catalog of applicable internal and external threats to the organization, both natural and manmade.

Solutions
Community

Threat Management

Threat Analysis

Level N/A

Mechanisms exist to identify, assess, prioritize and document the potential impact(s) and likelihood(s) of applicable internal and external threats.

Parent

Compliance Framework

Secure Controls Framework 2023.4

Control Number

THR-10

Related

Compliance Framework

SEC Regulation S-K 17.2.229 v2024.01.02

Control Number

229.106(b)(2)

Solutions
Community

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Threat Management

Create new POAM

Create new Exception

Assign to POAM

Assign to Exception

Organization Passcode

Only share this code with people you trust. Users will become a member of your organization and view your SSP and reports.