Date Published: January 2012
Comments Due: February 17, 2012 (public comment period is CLOSED)
Email Questions to:
fe-comments@nist.gov
Planning Note (10/05/2022):
NIST has discontinued additional development of this document, which is provided here in its entirety for historical purposes.
NIST announces the second public comment release of Draft NIST Interagency Report (NISTIR) 7756, CAESARS Framework Extension: An Enterprise Continuous Monitoring Technical Reference Architecture. This publication presents an enterprise continuous monitoring technical reference architecture that extends the framework provided by the Department of Homeland Security's CAESARS architecture. The goal is to facilitate enterprise continuous monitoring by presenting a reference architecture that enables organizations to aggregate collected data from across a diverse set of security tools, analyze that data, perform scoring, enable user queries, and provide overall situational awareness. The model design is focused on enabling organizations to realize this capability by leveraging their existing security tools and thus avoiding complicated and resource intensive custom tool integration efforts.
Audit and Accountability; Assessment, Authorization and Monitoring; Configuration Management; Incident Response; Maintenance; Risk Assessment; System and Communications Protection
Publication:
Draft NISTIR 7756 (2nd public draft) (pdf)
Supplemental Material:
None available
Related NIST Publications:
Document History:
01/06/12: IR 7756 (Draft)
audit & accountability, continuous monitoring, incident response, maintenance, security automation, threats
Laws and RegulationsFederal Information Security Modernization Act, OMB Circular A-130