The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) was developed by NIST as a voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk.
Link to NIST CSF documentation: https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf
Link to download NIST CSF content pack: https://cortex.marketplace.pan.dev/marketplace/details/XSIAMCompliance_NIST_CSF/
NIST CSF | Widget Name | Description |
---|---|---|
NIST CSF: Identity Management and Access Control | Identify | Implement policies and procedures to monitor the identity of users, devices, and processes. Use this widget to query targeted clients. |
NIST CSF: Asset Management | System Management | Implement policies and procedures to ensure the integrity of systems and data. Use this widget to query endpoint upgrade status. |
NIST CSF: Maintenance | Maintenance | Implement policies and procedures to establish processes and controls for ongoing maintenance. Use this widget to query endpoint information. |
NIST CSF: Incident Response | Threat Protection/Incident Response | Implement policies and procedures to detect, respond to, and recover from security incidents. Use this widget to query incidents. |
NIST CSF: Intrusion detection and prevention | Continuous Monitoring | Implement policies and procedures to assess, authorize, and monitor systems. Use this widget to query RDP and SMB access. |
NIST CSF: Vuln Management | Vulnerability Management | Implement policies and procedures to monitor systems and services. Use this widget to query host application versions. |
NIST CSF: Planning | Planning | Implement policies and procedures to manage cybersecurity products. Use this widget to query update history. |
NIST CSF: Risk Assessment | Risk Assessment | Implement policies and procedures to identify, assess, and mitigate risks to data. Use this widget to query browser versions. |
NIST CSF: Data Security | Transmission/Network Security | Implement policies and procedures to protect and monitor communications channels. Use this widget to monitor top triggered network rules. |
V1 required data source(s): XDM
V2 required data source(s): xdr_data, host_inventory, endpoints, incidents, pan_ngfw_traffic_raw
Requirements
This compliance pack pulls information from Cortex XSIAM that has been ingested and mapped to the following data sources. For the dashboards and reports to function properly, these sources must have ingested data.