The NIST Compliance Automation Suite provides pre-bundled Investigations, Correlation Rules, Alarms, and Reports that are designed to support core National Institute of Standards and Technology (NIST) requirements. Specifically, the focus is placed on 800-53 rev.5 as a base, 800-171 as a subset focusing on Controlled Unclassified Information (CUI), and Cyber Security Framework (CSF) as a security best practice. This pre-bundled content is automatically associated with the correct NIST control objectives, from the previously mentioned special publications, that are supported by LogRhythm Enterprise. Various lists are also available, some of which are preconfigured and others that can be tailored to your environment, processes, and system classifications.
The LogRhythm NextGen SIEM Platform supports 265 of the 512 controls across 800-53 rev.5, 800-171, and CSF. LogRhythm’s core set of content, offered through the Consolidated Compliance Framework (CCF), is mapped to NIST controls, offering a streamlined approach to compliance through SIEM technology. LogRhythm NextGen SIEM Platform technology and content align with the five core objectives in CSF: Identify, Protect, Detect, Respond, and Recover. Keep in mind that the degree of support varies based on an organization’s control design and interpretation.
The breakdown of LogRhythm support is as follows:
- NIST 800-53 rev.5 [139/294 controls supported]
- NIST 800-171 [64/110 controls supported]
- NIST CSF [62/108 controls supported]
Because each audience involved in NIST audits has different objectives, content packages from the SIEM can be customized and delivered by configuring Report Packages for scheduled or on-demand generation. To identify areas of non-compliance in real time, you can leverage Investigations and Alarms for immediate analysis of activities that impact your organization's critical systems.
Incident Response is a core aspect of this suite, as correlation rules and investigations are specifically designed to work with LogRhythm’s Case Management and Web Console. You can easily add forensic evidence to Cases as you build your understanding of the incident at hand and centralize your evidence for authorities to review. Further, Web Console dashboards can be created according to the needs of the parties involved with the NIST compliance program.
LogRhythm’s goal is to recognize the changing needs of an organization’s pursuit of compliance, which follows a maturity model. The LogRhythm Compliance Maturity Model not only demonstrates an adaptable, dynamic roadmap to compliance, but also bridges the gap as the organization transitions into a better security posture and begins maturing its own internal security organization.