DE.AE-02.292

Does your organization conduct regular manual reviews of log events for systems that cannot be adequately monitored through automated means?

Explanation

Some technologies or systems may generate logs that are difficult to parse or interpret automatically, requiring human review to identify anomalies or security incidents. Examples include specialized equipment, legacy systems, or applications with unique logging formats that automated SIEM tools cannot effectively process. Evidence of compliance could include documented log review procedures, schedules showing when manual reviews occur, review findings/reports, or entries in a security operations tracking system showing completed manual log reviews with timestamps, reviewer names, and any findings.

Implementation Example

Regularly conduct manual reviews of log events for technologies that cannot be sufficiently monitored through automation.

ID: DE.AE-02.292

Context

Function: DE: DETECT
Category: DE.AE: Adverse Event Analysis
Sub-Category: Potentially adverse events are analyzed to better understand associated activities
