The UAE-NESA Compliance Automation Suite provides pre-bundled Investigations, Correlation Rules, Alarms, and Reports that are designed for the United Arab Emirates (UAE) National Electronic Security Authority (NESA) standards. This pre-bundled content is automatically associated with the correct UAE-NESA control objectives that are supported by LogRhythm Enterprise. Various lists are also available, some of which are preconfigured and others that can be catered to your environment, processes, and system classifications.
Various parties involved in UAE-NESA audits can have content packaged and delivered by configuring Report Packages for periodic generation and delivery or generate them on demand. To identify areas of non-compliance in real-time, you can leverage Investigations and Alarms for immediate analysis of activities that impact your organization's critical systems.
Incident Response is a core aspect of this suite as correlation rules and investigations are specifically designed to work with LogRhythm’s Case Management and Web Console. You can easily add forensic evidence to Cases as you build your understanding of the incident at hand and centralize your evidence for authorities to review. Further, Web Console dashboards can be created according to the needs of those parties involved with the UAE-NESA compliance program.
LogRhythm has adopted Consolidated Control Framework (CCF) approach to find common control approaches across various frameworks. This approach has been applied to the UAE-NESA Compliance Automation Suite to help organizations streamline compliance objectives. All objects associated with this module follow the ‘CCF: XXX’ naming convention and utilize a restricted view to only allow those appropriate individuals to see UAE-NESA specific content.
New profiles can be created for the Global Administrator, Global Analyst, Restricted Administrator, Restricted Analyst, and Web Service Administrator security roles. The security roles enable the administrator to assign access to specific objects within the Entity to individual users. For example, many Restricted Analysts can be given access to Entity A, but not access to the same Log Sources within Entity A. Restricted Analyst 1 can have access to Log Sources 1, 2, and 3 on Entity A, while Restricted Analyst 2 has access to Log Sources 4, 5, and 6 on Entity A. This allows the organization to limit access to data and compliance content according to compliance needs.
This UAE-NESA User Guide contains information about the following components in this module: