DE.AE-01

Has your organization established and maintained a baseline of network operations and expected data flows for users and systems?

Explanation

This question assesses whether your organization has documented normal network behavior patterns and data flows, which is essential for detecting anomalies that could indicate security incidents. A network baseline defines what constitutes 'normal' traffic, connections, and system behaviors across your environment, enabling more effective identification of potential security events when deviations occur.As evidence, you could provide network baseline documentation that includes network topology diagrams, expected data flow mappings between systems, normal traffic volume patterns, authorized communication protocols, and standard user activity profiles. This documentation should be regularly reviewed and updated to reflect changes in your environment.

Context

Function: DE: DETECT
Category: DE.AE: Adverse Event Analysis
Sub-Category: A baseline of network operations and expected data flows for users and systems is established and managed

ResponseHub is the product I wish I had when I was a CTO

Previously I was co-founder and CTO of Progression, a VC backed HR-tech startup used by some of the biggest names in tech.

As our sales grew, security questionnaires quickly became one of my biggest pain-points. They were confusing, hard to delegate and arrived like London busses - 3 at a time!

I'm building ResponseHub so that other teams don't have to go through this. Leave the security questionnaires to us so you can get back to closing deals, shipping product and building your team.

Neil Cameron

Founder, ResponseHub