Skip to main content
 
 
 
Splunk Lantern

Monitoring NIST SP 800-53 rev5 control families

 

You work in IT for the United States Department of Defense (DoD). You know that according to DoD Instruction 8510.1, which establishes the Risk Management Framework (RMF) for DoD IT, you need to monitor the control families listed in NIST SP 800-53 rev5. This use case provides searches you can run to meet the technical controls specified in SP 800-53 rev5 in support of the NIST Risk Management Framework (SP 800-37), both referenced in DoD 8510.1. Due to your diverse technology environment, you need a vendor-agnostic view to enable your teams to look across the various components of their organizations and assess their posture with respect to the relevant technical security controls.

How to use Splunk software for this use case

You can run many searches with Splunk software to help ensure compliance with risk management requirements. Depending on what information you have available, you might find it useful to work on some or all of the following control families:

Next steps

The guides for each control can help you create an easy path to consolidate and automate collection of compliance relevant status information for on-prem, in the cloud, or across hybrid environments. Use the searches for continuous monitoring: develop a security and privacy continuous monitoring strategy and implement security and privacy monitoring programs.

These additional Splunk resources might help you understand and implement this use case:

Splunk OnDemand Services: Use these credit-based services for direct access to Splunk technical consultants with a variety of technical services from a pre-defined catalog. Most customers have OnDemand Services per their license support plan. Engage the ODS team at ondemand@splunk.com if you would like assistance.