CIS Controls v8

CIS 13 Network Monitoring and Defense

Starts in IG2 | Detect suspicious network behavior and attack patterns.

Implementation Actions

Collect network telemetry.
Deploy alerting for high-risk patterns.
Integrate detections into incident workflows.

Evidence Examples

Network detection use cases
Investigation records
Sensor coverage matrix

Suggested Metrics

Network detection MTTD
True-positive alert ratio

Navigation

Back to All 18 CIS Controls NIST CSF 2.0 Guidance FedRAMP Guidance Cybersecurity Glossary