NIST CSF 2.0 · All Functions · DE Detect · DE.AE Adverse Event Analysis

DE.AE-07

Implementation examples

• Ex1: Securely provide cyber threat intelligence feeds to detection technologies, processes, and personnel
• Ex2: Securely provide information from asset inventories to detection technologies, processes, and personnel
• Ex3: Rapidly acquire and analyze vulnerability disclosures for the organization's technologies from suppliers, vendors, and third-party security advisories

Mapped NIST 800-53 r5 controls (3)

Mapped CWE weaknesses (1)

Hover any chip for the human-reviewed coverage assessment in each direction. ← = the CWE covers this subcategory; → = this subcategory covers the CWE. F / M / P = full, mostly, partial.

All informative references (35)

• AI-SOC: AI-SOC-05
• AI-SOC: AI-SOC-11
• CCMv4.0: LOG-03
• CCMv4.0: LOG-05
• CCMv4.0: SEF-06
• CRI Profile v2.0: DE.AE-07
• CRI Profile v2.0: DE.AE-07.01
• CRI Profile v2.0: DE.AE-07.02
• CSF v1.1: DE.AE-3
• Guardian-SDK: GS-PF-02
• ISO/IEC 27001:2022: Mandatory Clause: None
• ISO/IEC 27001:2022: Annex A Controls: 5.7
• NICE Framework: DD-WRL-008
• NICE Framework: IO-WRL-001
• NICE Framework: IO-WRL-006
• NICE Framework: PD-WRL-001
• NICE Framework: PD-WRL-006
• OWASP Top 10 LLM Applications: LLM01-2025
• OWASP Top 10 LLM Applications: LLM03-2025
• OWASP Top 10 LLM Applications: LLM04-2025
• PCI DSS: 6.3.1
• PCI DSS: 12.5.1
• PCI DSS: 12.3.4
• PCI DSS: 6.4.3
• SCF: THR-01
• SCF: THR-03
• SDOS: SDOS-DE-01
• SDOS: SDOS-RM-03
• SP 800-171 Rev 3: 03.11.01
• SP 800-53 Rev 5.1.1: PM-16
• SP 800-53 Rev 5.1.1: RA-03
• SP 800-53 Rev 5.1.1: RA-10
• SP 800-53 Rev 5.2.0: PM-16
• SP 800-53 Rev 5.2.0: RA-03
• SP 800-53 Rev 5.2.0: RA-10

Source: NIST Cybersecurity Framework 2.0 · CSF 2.0 → 800-53 mappings sourced from NIST Cybersecurity & Privacy Reference Tool (CPRT) · US government work — attribution requested per NIST Open License Terms. Direct CSF→CWE/CVE cross-references will be added in a Phase B LLM-authored mapping pass (not yet rendered).