FD
Forwarded Deployed CISO
Acme Health

Defensive Playbooks & Standards

NIST CSF 2.0 Defensive Standards

Implement, track, and verify the administrative templates, detection configs, and recovery workflows needed to secure client systems and satisfy framework guidelines.

NIST CSF 2.0: ID.AM-01

Asset Discovery & Critical Asset Inventory

Maintain a comprehensive, automated inventory of physical devices, software platforms, and cloud resources.

Standard Configuration
# Asset Inventory Discovery Standards
- Enable cloud-native asset discovery (AWS Config / Azure Resource Graph / GCP Asset Inventory).
- Scan internal networks weekly to identify unmanaged nodes.
- Maintain owner mappings and data classification tags for all sensitive data stores.
Incident/Operations Template
### 📋 Critical Asset Discovery Workflow
1. **Cloud Discovery**: Setup cloud connector integrations.
2. **Network Discovery**: Run a subnet ping sweep and Nmap discovery scan.
3. **Data Classification**: Classify assets handling PHI, PII, or PCI-DSS.
4. **Owner Assignment**: Define a system owner for every identified system.
5. **Review Schedule**: Conduct a formal inventory review quarterly.

Submit application for analysis

Use this on every page to send this module into AI/MCP analysis workflows.