MON-16
Anomalous Behavior
Description
Mechanisms exist to utilize User & Entity Behavior Analytics (UEBA) and/or User Activity Monitoring (UAM) solutions to detect and respond to anomalous behavior that could indicate account compromise or other malicious activities.
Control Question
Does the organization utilize User & Entity Behavior Analytics (UEBA) and/or User Activity Monitoring (UAM) solutions to detect and respond to anomalous behavior that could indicate account compromise or other malicious activities?
Control Metadata
Domain:
Continuous Monitoring
Validation Cadence:
Semi-Annual
Evidence Request List:
E-IRO-02 E-MON-07
Framework Mappings
This control maps to the following compliance frameworks
MAS TRM
9.2.211.5.512.2.4
HKIA GL20
4.14.24.3