Continuous Monitoring/Endpoint Detection and Response
What the rule calls Continuous Monitoring is commonly called Endpoint Detection and Response (EDR) in the IT world. It involves engaging a Security Operations Center (SOC) to monitor your network 24/7/365 to detect intrusion attempts and shut them down.
314.4 (d) (2)
For information systems, the monitoring and testing shall include continuous monitoring or periodic penetration testing and vulnerability assessments. Absent effective continuous monitoring or other systems to detect, on an ongoing basis, changes in information systems that may create vulnerabilities, you shall conduct:
(i) Annual penetration testing of your information systems determined each given year based on relevant identified risks in accordance with the risk assessment; and
(ii) Vulnerability assessments, including any systemic scans or reviews of information systems reasonably designed to identify publicly known security vulnerabilities in your information systems based on the risk assessment, at least every six months; and whenever there are material changes to your operations or business arrangements; and whenever there are circumstances you know or have reason to know may have a material impact on your information security program.
AgileBlue provides fully managed endpoint protection backed by our 24/7 U.S.-based SOC. We are able to automatically isolate and prevent attacks, drive centralized hunting and detection, and enable interactive response. Our SOC + Endpoint Protection (EDR) helps to extend our monitoring of the cloud, network, and devices by providing an additional layer of security for endpoints. With this layer of protection, we offer you the peace of mind you need, so you can rest easy.