Skip to main content

Detection Coverage

Objective

Evaluate whether implemented controls generate detectable and actionable security events.

Coverage Areas

Failed authentication attempts
Firewall rule violations
Privileged access usage
Service crashes or anomalies

Gap Analysis

For each risk scenario:

Is there a corresponding detection mechanism?
Is alerting configured?
Is testing performed?

Current Gaps

No automated correlation engine
Limited alert prioritization
Manual validation required

Improvement Roadmap

Expand detection rules
Formalize testing procedures
Define alert classification levels

Objective
Coverage Areas
Gap Analysis
Current Gaps
Improvement Roadmap