After this lesson, you will be able to: Apply Identify: asset management, business environment, risk assessment, governance.
Identify is the foundation. You can't protect what you don't know exists. This function covers asset inventory, business context, risk strategy, and supply chain awareness.
Asset Management (ID.AM), hardware, software, data, people inventoried. Business Environment (ID.BE), your role in supply chains. Governance (ID.GV), policies, legal/regulatory. Risk Assessment (ID.RA), covered in RMG track. Risk Management Strategy (ID.RM), appetite, tolerance. Supply Chain Risk Management (ID.SC), vendors.
1. CMDB (Configuration Management DB), central asset list.
2. Active discovery. Nmap, agent telemetry.
3. Cloud inventory. AWS Config, Azure Resource Graph, GCP Cloud Asset.
4. Data inventory, what data, where, classified how.
5. Vendor list, who has access to your data.
SaaS sprawl, employees sign up for tools without IT approval. CASB (Cloud Access Security Broker) tools find these. Surveys + expense reports find more.
Sign in and purchase access to unlock this lesson.