Skip to content
Home / Function (NIST CSF 2.0)

DE – Detect

The Detect (DE) Function is the primary monitoring pillar of the NIST Cybersecurity Framework (CSF) 2.0, operating as the “early warning” engine since its inception to provide a unified response to potential system compromises. The DE Function supports both Security Operations Centers (SOC) and risk managers by offering a structured approach to continuous observation and anomaly analysis to reduce the “dwell time” of attackers and to help make the enterprise the safest place to host sensitive digital services. Acting as the framework’s “radar,” the DE Function monitors network traffic and physical access for unauthorized activity, issues alerts based on established baselines and threat intelligence, coordinates with the Protect function to verify the effectiveness of safeguards, and serves as the single point of discovery for cybersecurity events, ensuring a coordinated and resilient proactive approach to threat detection.

ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation

ISO/IEC 27004 is an international standard that provides guidelines for monitoring, measuring, analyzing, and evaluating the performance and effectiveness of an Information Security Management System (ISMS) based on ISO/IEC 27001.… Read More »ISO/IEC 27004:2016 Information technology — Security techniques — Information security management — Monitoring, measurement, analysis and evaluation