Implementation of the 'Detect' Function of the NIST CSF

Client context

As part of an integrated approach aimed at implementing the five pillars of the NIST framework, the client requested our expertise to help establish detection mechanisms that comply with the framework’s requirements.

Objectives and scope

To meet this demand, we agreed on the following key steps in collaboration with the client:

  • .Evaluation of existing detection capabilities;
  • .Based on the conclusions of this evaluation:
  • Improvement of detection capabilities by deploying specific use cases aligned with risks inherent to the client’s sector of activity and geographical region;
  • .Development of incident response procedures, or « playbooks », designed to facilitate the processing of alerts by the client’s internal SOC team.

Key deliverables

  • .Detection capabilities assessment report;
  • .Risk modeling report associated with the client’s sector;
  • .Library of use cases derived from identified risks;
  • .RASCI matrix;
  • .Metrics and KPIs;
  • .Response procedures for alerts (« playbooks »).
qtq_95-1.webp

Contacts Info

contact@bluesec.net

Opening Hour

Mon-Fri: 9:00AM - 6:00PM

Location

Lot El Mers 3/44, Office No. 50, 3rd Floor, Boulevard Zoulikha Nasri, Sidi Maarouf, Casablanca