Security Monitoring & Detection

Description

Security Monitoring & Detection represents the capability responsible for collecting and analysing security events across the Scheol Lab infrastructure.

It allows the detection of suspicious behaviour, system anomalies and potential security incidents.

Asset Identification

Attribute	Value
Asset ID	BUS-MON-01
CI Type	Business
Asset Name	Security Monitoring & Detection
Asset Category	Security Operations Capability
Owner	Security Role (Sec)
Status	Planned
Location	Internal infrastructure
Primary Function	Detection of malicious or abnormal activity

Asset Dependencies

Dependency Type	Asset	Status
Platform	Logging & SIEM Hosts	Planned
Data Source	Log Data	Planned

Relationships

Relationship	Target CI
Uses	Logging & SIEM Hosts
Uses	Log Data

Asset Classification

Criteria	Level
Confidentiality	🟨 Medium
Integrity	🟥 High
Availability	🟨 Medium

Criticality score: 🟥 High

Responsibilities

Role	Responsibility
Security Role (Sec)	Monitoring rules and incident detection
Operations Role (Ops)	Infrastructure hosting monitoring tools

Security Controls (High-Level)

Centralized log collection
Security event analysis
Monitoring dashboards
Alerting mechanisms

Security Considerations

The absence or failure of monitoring may delay detection of security incidents.

Controls focus on log integrity, monitoring coverage and alerting capabilities.

Methodological References:

ISO 27001 - Control 8.15 Logging ; Control 8.16 Monitoring activities.

NIST CSF - DE.CM Continuous Monitoring.

*EBIOS RM - Detection capabilities.

Description​

Asset Identification​

Asset Dependencies​

Relationships​

Asset Classification​

Responsibilities​

Security Controls (High-Level)​

Security Considerations​