Rate Limiting on Metric Generation | CCC

Skip to main content

CCC.Monitor.C02: Rate Limiting on Metric Generation

Control ID:CCC.Monitor.C02

Title:Rate Limiting on Metric Generation

Objective:Prevent Malicious Actor or misconfiguration from flooding services with metric data.

Control Family:

Logging & Monitoring

Related Threats

ID	Title	Description	External Mappings	Capability Mappings	Control Mappings
CCC.Monitor.TH06	Cost Exhaustion Through Tampered Alerts or Metrics Collection	Monitoring systems are expected to generate traffic, but it a malicious actor were to change alerts that were being fired at an API which charged per requests or generate large volumes of metric data which would then need to be stored and processed, or even triggering resource scaling, this would cause an increase in cloud bill.	1	1	0

Guideline Mappings

Reference ID	Entry ID	Strength	Remarks
NIST-CSF	DE.CM-01	0	-
NIST_800_53	SC-5(2)	0	-
NIST_800_53	CA-7	0	-
NIST_800_53	SI-4	0	-

Assessment Requirements

ID	Description	Applicability
CCC.Monitor.C02.TR01	When an Custom or User-Defined Metric starts to flood a collector, then a rate limit MUST be applied to reduce the network impact of traffic and an alert must triggered.	tlp-clear tlp-green tlp-amber tlp-red