EINSTEIN 2

E97783

cybersecurity system federal intrusion detection system

EINSTEIN 2 is a U.S. federal intrusion detection system that monitors government network traffic for known cyber threats as part of the broader EINSTEIN cybersecurity program.

Jump to: Surface forms Statements Referenced by

Observed surface forms (1)

Surface form	Occurrences
EINSTEIN 1	1

Statements (43)

Predicate	Object
instanceOf	cybersecurity system ⓘ federal intrusion detection system ⓘ
abbreviation	E2 ⓘ
architectureRole	sensor layer of the EINSTEIN program ⓘ
associatedWith	National Cybersecurity Protection System ⓘ
basedOn	network intrusion detection technology ⓘ
country	United States of America ⓘ surface form: United States
dataTypeMonitored	network flow data ⓘ packet header information ⓘ
deploymentModel	centralized monitoring at internet access points ⓘ
designedFor	real-time network monitoring ⓘ
detects	known cyber threats ⓘ malicious network traffic signatures ⓘ
distinguishedFrom	EINSTEIN 3 ⓘ surface form: EINSTEIN 3 Accelerated
focus	known threat signatures rather than zero-day attacks ⓘ
followedBy	EINSTEIN 3 ⓘ
goal	early detection of cyber intrusions ⓘ improving situational awareness of federal network security ⓘ
implementedBy	National Cybersecurity Protection System ⓘ surface form: US-CERT National Cybersecurity and Communications Integration Center ⓘ surface form: United States Computer Emergency Readiness Team
monitors	U.S. federal government network traffic ⓘ traffic entering federal networks ⓘ traffic leaving federal networks ⓘ
operatedBy	National Cybersecurity and Communications Integration Center ⓘ surface form: DHS Office of Cybersecurity and Communications United States Department of Homeland Security ⓘ surface form: U.S. Department of Homeland Security
owner	U.S. federal government NERFINISHED ⓘ
partOf	EINSTEIN ⓘ surface form: EINSTEIN program
policyConcern	privacy and civil liberties ⓘ
predecessor	EINSTEIN 2 self-linksurface differs ⓘ surface form: EINSTEIN 1
purpose	intrusion detection ⓘ monitoring known cyber threats ⓘ protecting federal civilian executive branch networks ⓘ
regulatoryFramework	Federal Information Security Management Act of 2002 ⓘ surface form: FISMA Federal Information Security Management Act of 2002 ⓘ surface form: Federal Information Security Management Act
relatedTo	CDM program ⓘ Continuous Diagnostics and Mitigation tools ⓘ surface form: Continuous Diagnostics and Mitigation program
scope	federal civilian executive branch agencies ⓘ
securityDomain	intrusion detection ⓘ network security ⓘ
targetUser	federal civilian agencies security operations centers ⓘ
technologyType	network perimeter monitoring system ⓘ
threatIntelligenceSource	US-CERT signatures and indicators of compromise ⓘ
uses	signature-based detection ⓘ

Referenced by (2)

Full triples — surface form annotated when it differs from this entity's canonical label.

EINSTEIN 2 → predecessor → EINSTEIN 2 self-linksurface differs ⓘ

this entity surface form: EINSTEIN 1

National Cybersecurity Protection System → relatedTo → EINSTEIN 2 ⓘ