DE.CM-01.275

Does your organization continuously monitor network communications to detect changes in security postures as part of a zero trust architecture?

Explanation

This question assesses whether your organization has implemented real-time network monitoring capabilities that can identify when devices, users, or services deviate from expected security states. In a zero trust model, continuous verification is essential as security postures can change rapidly when devices become compromised, configurations drift, or unauthorized access attempts occur.

An acceptable evidence deliverable would include documentation of your network monitoring solution configuration, screenshots of dashboards showing security posture monitoring, logs demonstrating detection of posture changes, and procedures for responding to identified security posture changes. This could also include reports from tools like Network Access Control (NAC) systems, Endpoint Detection and Response (EDR) solutions, or Security Information and Event Management (SIEM) platforms that specifically monitor for security posture changes.

Implementation Example

Monitor network communications to identify changes in security postures for zero trust purposes

ID: DE.CM-01.275

Context

Function: DE: DETECT
Category: DE.CM: Continuous Monitoring
Sub-Category: Networks and network services are monitored to find potentially adverse events
