Search by property

This page provides a simple browsing interface for finding entities described by a property and a named value. Other available search interfaces include the page property search, and the ask query builder.

List of results

• Category:Data Security (PR.DS)  + (03:24:54, 23 October 2023)
• Category:PR.AC-5: Network integrity is protected (e.g., network segregation, network segmentation)  + (03:24:54, 23 October 2023)
• Category:PR.IP-12: A vulnerability management plan is developed and implemented  + (03:24:54, 23 October 2023)
• Category:PR.AC-3: Remote access is managed  + (03:24:54, 23 October 2023)
• Category:Detection Processes (DE.DP)  + (03:24:54, 23 October 2023)
• Category:RS.MI-3: Newly identified vulnerabilities are mitigated or documented as accepted risks  + (03:24:54, 23 October 2023)
• Category:ID.SC-3: Contracts with suppliers and third-party partners are used to implement appropriate measures designed to meet the objectives of an organization’s cybersecurity program and Cyber Supply Chain Risk Management Plan.  + (03:24:55, 23 October 2023)
• Category:RC.CO-3: Recovery activities are communicated to internal and external stakeholders as well as executive and management teams  + (03:24:55, 23 October 2023)
• Category:Business Environment (ID.BE)  + (03:24:55, 23 October 2023)
• Category:RS.MI-1: Incidents are contained  + (03:24:55, 23 October 2023)
• Category:RS.AN-1: Notifications from detection systems are investigated  + (03:24:55, 23 October 2023)
• Category:RS.CO-4: Coordination with stakeholders occurs consistent with response plans  + (03:24:56, 23 October 2023)
• Category:ID.RA-1: Asset vulnerabilities are identified and documented  + (03:24:56, 23 October 2023)
• Category:PR.IP-4: Backups of information are conducted, maintained, and tested  + (03:24:56, 23 October 2023)
• Category:ID.RA-5: Threats, vulnerabilities, likelihoods, and impacts are used to determine risk  + (03:24:56, 23 October 2023)
• Category:RS.AN-3: Forensics are performed  + (03:24:56, 23 October 2023)
• Category:Communications (RS.CO)  + (03:24:57, 23 October 2023)
• Category:RS.CO-2: Incidents are reported consistent with established criteria  + (03:24:57, 23 October 2023)
• Category:DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed  + (03:24:57, 23 October 2023)
• Category:PR.AC-7: Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)  + (03:24:57, 23 October 2023)
• Category:PR.IP-6: Data is destroyed according to policy  + (03:24:57, 23 October 2023)
• Category:RESPOND (RS)  + (03:24:57, 23 October 2023)
• Category:PR.DS-3: Assets are formally managed throughout removal, transfers, and disposition  + (03:24:58, 23 October 2023)
• Category:Risk Assessment (ID.RA)  + (03:24:58, 23 October 2023)
• Category:ID.GV-1: Organizational cybersecurity policy is established and communicated  + (03:24:58, 23 October 2023)
• Category:RS.IM-1: Response plans incorporate lessons learned  + (03:24:58, 23 October 2023)
• Category:ID.GV-4: Governance and risk management processes address cybersecurity risks  + (03:24:58, 23 October 2023)

• Category:DE.DP-1: Roles and responsibilities for detection are well defined to ensure accountability  + (03:24:59, 23 October 2023)
• Category:ID.AM-3: Organizational communication and data flows are mapped  + (03:24:59, 23 October 2023)
• Category:ID.RA-6: Risk responses are identified and prioritized  + (03:24:59, 23 October 2023)
• Category:Improvements (RC.IM)  + (03:24:59, 23 October 2023)
• Category:Information Protection Processes and Procedures (PR.IP)  + (03:24:59, 23 October 2023)

• Category:ID.RA-3: Threats, both internal and external, are identified and documented  + (03:25:00, 23 October 2023)
• Category:DE.DP-3: Detection processes are tested  + (03:25:00, 23 October 2023)
• Category:DE.CM-5: Unauthorized mobile code is detected  + (03:25:00, 23 October 2023)
• Category:PR.DS-1: Data-at-rest is protected  + (03:25:00, 23 October 2023)
• Category:Recovery Planning (RC.RP)  + (03:25:00, 23 October 2023)
• Category:Asset Management (ID.AM)  + (03:25:01, 23 October 2023)
• Category:PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities  + (03:25:01, 23 October 2023)
• Category:PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access  + (03:25:01, 23 October 2023)
• Category:PR.AC-4: Access permissions and authorizations are managed, incorporating the principles of least privilege and separation of duties  + (03:25:02, 23 October 2023)
• Category:DE.CM-1: The network is monitored to detect potential cybersecurity events  + (03:25:02, 23 October 2023)
• Category:ID.BE-1: The organization’s role in the supply chain is identified and communicated  + (03:25:03, 23 October 2023)
• Category:ID.AM-1: Physical devices and systems within the organization are inventoried  + (03:25:03, 23 October 2023)
• Category:PR.IP-9: Response plans (Incident Response and Business Continuity) and recovery plans (Incident Recovery and Disaster Recovery) are in place and managed  + (03:25:04, 23 October 2023)
• Category:Protective Technology (PR.PT)  + (03:25:05, 23 October 2023)
• Category:PR.AC-6: Identities are proofed and bound to credentials and asserted in interactions  + (03:25:05, 23 October 2023)
• Category:RS.RP-1: Response plan is executed during or after an incident  + (03:25:05, 23 October 2023)
• Category:PR.PT-4: Communications and control networks are protected  + (03:25:05, 23 October 2023)
• Category:DE.AE-3: Event data are collected and correlated from multiple sources and sensors  + (03:25:06, 23 October 2023)
• Category:PROTECT (PR)  + (03:25:06, 23 October 2023)
• Category:Security Continuous Monitoring (DE.CM)  + (03:25:06, 23 October 2023)
• Category:PR.PT-2: Removable media is protected and its use restricted according to policy  + (03:25:06, 23 October 2023)
• Category:PR.AT-3: Third-party stakeholders (e.g., suppliers, customers, partners) understand their roles and responsibilities  + (03:25:06, 23 October 2023)
• Category:DE.CM-6: External service provider activity is monitored to detect potential cybersecurity events  + (03:25:07, 23 October 2023)