
Feb 11

Analysis of Security Automation and Continuous Monitoring (SACM) Use Cases

Editor’s Note: The complete draft memo, draft-waltermire-sacm-use-cases-04, may be found here. The Abstract is below.

From: IETF.org

D. Waltermire, Ed. (NIST)

Abstract

This document identifies use cases, derived functional capabilities, and requirements needed to provide a foundation for creating interoperable automation tools and continuous monitoring solutions that provide visibility into the state of endpoints, user activities, and network behavior. Stakeholders will be able to use these tools to aggregate and analyze relevant security and operational data to understand the organization's security posture, quantify business risk, and make informed decisions that support organizational objectives while protecting critical information. Organizations will be able to use these tools to augment and automate information sharing activities to collaborate with partners to identify and mitigate threats. Other automation tools will be able to integrate with these capabilities to enforce policies based on human decisions to harden systems, prevent misuse and reduce the overall attack surface.
