Search by property

This page provides a simple browsing interface for finding entities described by a property and a named value. Other available search interfaces include the page property search, and the ask query builder.

List of results

• Category:PR.DS-5: Protections against data leaks are implemented  + (03:24:43, 23 October 2023)
• Category:Mitigation (RS.MI)  + (03:24:43, 23 October 2023)
• Category:RS.MI-2: Incidents are mitigated  + (03:24:43, 23 October 2023)
• Category:DETECT (DE)  + (03:24:43, 23 October 2023)
• Category:PR.AC-2: Physical access to assets is managed and protected  + (03:24:43, 23 October 2023)
• Category:RC.RP-1: Recovery plan is executed during or after a cybersecurity incident  + (03:24:43, 23 October 2023)
• Category:PR.IP-5: Policy and regulations regarding the physical operating environment for organizational assets are met  + (03:24:44, 23 October 2023)
• Category:ID.RA-2: Cyber threat intelligence is received from information sharing forums and sources  + (03:24:44, 23 October 2023)
• Category:ID.AM-4: External information systems are catalogued  + (03:24:44, 23 October 2023)
• Category:DE.AE-4: Impact of events is determined  + (03:24:44, 23 October 2023)
• Category:PR.IP-2: A System Development Life Cycle to manage systems is implemented  + (03:24:44, 23 October 2023)
• Category:Analysis (RS.AN)  + (03:24:45, 23 October 2023)
• Category:ID.GV-2: Cybersecurity roles and responsibilities are coordinated and aligned with internal roles and external partners  + (03:24:45, 23 October 2023)
• Category:PR.AT-2: Privileged users understand their roles and responsibilities  + (03:24:45, 23 October 2023)
• Category:Risk Management Strategy (ID.RM)  + (03:24:45, 23 October 2023)
• Category:PR.DS-7: The development and testing environment(s) are separate from the production environment  + (03:24:45, 23 October 2023)
• Category:ID.SC-4: Suppliers and third-party partners are routinely assessed using audits, test results, or other forms of evaluations to confirm they are meeting their contractual obligations.  + (03:24:46, 23 October 2023)
• Category:RS.AN-4: Incidents are categorized consistent with response plans  + (03:24:46, 23 October 2023)
• Category:PR.AT-4: Senior executives understand their roles and responsibilities  + (03:24:46, 23 October 2023)
• Category:Governance (ID.GV)  + (03:24:46, 23 October 2023)
• Category:PR.MA-1: Maintenance and repair of organizational assets are performed and logged, with approved and controlled tools  + (03:24:46, 23 October 2023)
• Category:Supply Chain Risk Management (ID.SC)  + (03:24:47, 23 October 2023)
• Category:IDENTIFY (ID)  + (03:24:47, 23 October 2023)
• Category:DE.DP-4: Event detection information is communicated  + (03:24:47, 23 October 2023)
• Category:NIST CSF v1.1  + (03:24:47, 23 October 2023)
• Category:RS.IM-2: Response strategies are updated  + (03:24:47, 23 October 2023)
• Category:RS.AN-5: Processes are established to receive, analyze and respond to vulnerabilities disclosed to the organization from internal and external sources (e.g. internal testing, security bulletins, or security researchers)  + (03:24:47, 23 October 2023)

• Category:Awareness Training (PR.AT)  + (03:24:48, 23 October 2023)
• Category:DE.AE-2: Detected events are analyzed to understand attack targets and methods  + (03:24:48, 23 October 2023)
• Category:ID.AM-2: Software platforms and applications within the organization are inventoried  + (03:24:48, 23 October 2023)
• Category:ID.BE-5: Resilience requirements to support delivery of critical services are established for all operating states (e.g. under duress or attack, during recovery, normal operations)  + (03:24:48, 23 October 2023)
• Category:RS.AN-2: The impact of the incident is understood  + (03:24:48, 23 October 2023)

• Category:ID.RM-2: Organizational risk tolerance is determined and clearly expressed  + (03:24:49, 23 October 2023)
• Category:DE.DP-2: Detection activities comply with all applicable requirements  + (03:24:49, 23 October 2023)
• Category:PR.DS-4: Adequate capacity to ensure availability is maintained  + (03:24:49, 23 October 2023)
• Category:RS.CO-3: Information is shared consistent with response plans  + (03:24:49, 23 October 2023)
• Category:PR.IP-11: Cybersecurity is included in human resources practices (e.g., deprovisioning, personnel screening)  + (03:24:49, 23 October 2023)
• Category:ID.RM-1: Risk management processes are established, managed, and agreed to by organizational stakeholders  + (03:24:50, 23 October 2023)
• Category:Response Planning (RS.RP)  + (03:24:50, 23 October 2023)
• Category:Improvements (RS.IM)  + (03:24:50, 23 October 2023)
• Category:ID.SC-2: Suppliers and third party partners of information systems, components, and services are identified, prioritized, and assessed using a cyber supply chain risk assessment process  + (03:24:50, 23 October 2023)
• Category:PR.AT-1: All users are informed and trained  + (03:24:50, 23 October 2023)
• Category:PR.IP-10: Response and recovery plans are tested  + (03:24:51, 23 October 2023)
• Category:PR.IP-8: Effectiveness of protection technologies is shared  + (03:24:51, 23 October 2023)
• Category:PR.AC-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes  + (03:24:51, 23 October 2023)
• Category:PR.DS-2: Data-in-transit is protected  + (03:24:51, 23 October 2023)
• Category:RC.CO-2: Reputation is repaired after an incident  + (03:24:51, 23 October 2023)
• Category:ID.SC-1: Cyber supply chain risk management processes are identified, established, assessed, managed, and agreed to by organizational stakeholders  + (03:24:52, 23 October 2023)
• Category:DE.DP-5: Detection processes are continuously improved  + (03:24:52, 23 October 2023)
• Category:PR.IP-3: Configuration change control processes are in place  + (03:24:52, 23 October 2023)
• Category:ID.AM-5: Resources (e.g., hardware, devices, data, time, personnel, and software) are prioritized based on their classification, criticality, and business value  + (03:24:52, 23 October 2023)
• Category:DE.CM-8: Vulnerability scans are performed  + (03:24:52, 23 October 2023)
• Category:ID.RA-4: Potential business impacts and likelihoods are identified  + (03:24:53, 23 October 2023)
• Category:PR.DS-6: Integrity checking mechanisms are used to verify software, firmware, and information integrity  + (03:24:53, 23 October 2023)
• Category:RS.CO-5: Voluntary information sharing occurs with external stakeholders to achieve broader cybersecurity situational awareness  + (03:24:53, 23 October 2023)