U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NISTIR 7756 (Retired Draft)

CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture (2nd Draft)

Date Published: January 2012
Comments Due: February 17, 2012 (public comment period is CLOSED)
Email Questions to: fe-comments@nist.gov

Planning Note (10/5/2022): NIST has discontinued additional development of this document, which is provided here in its entirety for historical purposes.


Peter Mell (NIST), David Waltermire (NIST), Larry Feldman (BAH), Harold Booth (NIST), Zach Ragland (BAH), Alfred Ouyang (MITRE), Timothy McBride (DHS)


NIST announces the second public comment release of Draft NIST Interagency Report (NISTIR) 7756, CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture. This publication presents an enterprise continuous monitoring technical reference architecture that extends the framework provided by the Department of Homeland Security's CAESARS architecture. The goal is to facilitate enterprise continuous monitoring by presenting a reference architecture that enables organizations to aggregate collected data from across a diverse set of security tools, analyze that data, perform scoring, enable user queries, and provide overall situational awareness. The model design is focused on enabling organizations to realize this capability by leveraging their existing security tools and thus avoiding complicated and resource intensive custom tool integration efforts.



Continuous Asset Evaluation, Situational Awareness and Risk Scoring (CAESARS); continuous monitoring
Control Families

Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Incident Response; Maintenance; Risk Assessment; System and Communications Protection


Draft NISTIR 7756 (2nd public draft)

Supplemental Material:
None available

Related NIST Publications:
NISTIR 7799 (Retired Draft)
NISTIR 7800 (Retired Draft)

Document History:
01/06/12: NISTIR 7756 (Draft)