Framework Area
Detect
Possible cybersecurity attacks and compromises are found and analyzed.
DETECT enables the timely discovery and analysis of anomalies, indicators of compromise, and other potentially adverse events that may indicate that cybersecurity attacks and incidents are occurring.
This Function supports successful incident response and recovery activities.
Categories
Continuous Monitoring involves actively observing networks, systems, personnel activity, and physical environments to detect potentially adverse events.
It includes detecting malicious or unauthorized code, monitoring third-party services, scanning for vulnerabilities, and identifying unauthorized access or devices to enable timely response.
Adverse Event Analysis focuses on understanding and assessing abnormal activities by analyzing events against a baseline of expected behavior.
It involves correlating data from multiple sources, evaluating impact and scope, integrating threat intelligence, and determining when events qualify as incidents based on defined thresholds.
ResponseHub is the product I wish I had when I was a CTO
Previously I was co-founder and CTO of Progression, a VC-backed HR-tech startup used by some of the biggest names in tech.
As our sales grew, security questionnaires quickly became one of my biggest pain points. They were confusing, hard to delegate and arrived like London buses - 3 at a time!
I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

