NIST 800-171

Automated Threat Detection and NIST 800-171 Compliance

Blumira’s security platform helps your organization easily meet and exceed NIST 800-171 compliance requirements, including Audit and Accountability controls.

This page provides guidelines on how Blumira helps address the Audit and Accountability requirements of NIST 800-171 rev2 (02/2020).

Section 3.3 Audit and Accountability

Basic Security Requirements

3.3.1 Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.
3.3.2 Ensure that the actions of individual system users can be uniquely traced to those users so they can be held accountable for their actions.

Derived Security Requirements

3.3.3 Review and update logged events.
3.3.4 Alert in the event of an audit logging process failure.
3.3.5 Correlate audit record review, analysis, and reporting processes for investigation and response to indications of unlawful, unauthorized, suspicious, or unusual activity.
3.3.6 Provide audit record reduction and report generation to support on-demand analysis and reporting.
3.3.7 Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.
3.3.8 Protect audit information and audit logging tools from unauthorized access, modification, and deletion.
3.3.9 Limit management of audit logging functionality to a subset of privileged users.
References: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-171r2.pdf