Mechanisms exist to monitor, correlate and respond to alerts from physical, cybersecurity, data privacy and supply chain activities to achieve integrated situational awareness.
Mechanisms exist to utilize Wireless Intrusion Detection / Protection Systems (WIDS / WIPS) to identify rogue wireless devices and to detect attack attempts via wireless networks.
Mechanisms exist to utilize Host-based Intrusion Detection / Prevention Systems (HIDS / HIPS) to actively alert on or block unwanted activities and send logs to a Security Incident Event Manager (SIEM), or similar automated tool, to maintain situational awareness.
Mechanisms exist to utilize a File Integrity Monitor (FIM), or similar change-detection technology, on critical assets to generate alerts for unauthorized modifications.
Mechanisms exist to review event logs on an ongoing basis and escalate incidents in accordance with established timelines and procedures.
Mechanisms exist to log all Internet-bound requests, in order to identify prohibited activities and assist incident handlers with identifying potentially compromised systems.
Mechanisms exist to monitor deactivated accounts for attempted usage.
Mechanisms exist to automatically implement pre-determined corrective actions in response to detected events that have security incident implications.
Mechanisms exist to automatically alert incident response personnel to inappropriate or anomalous activities that have potential security incident implications.
Mechanisms exist to "tune" event monitoring technologies through analyzing communications traffic/event patterns and developing profiles representing common traffic patterns and/or events.