| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1072 | Software Deployment Tools |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1574 | Hijack Execution Flow |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1495 | Firmware Corruption |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1211 | Exploitation for Defense Evasion |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1212 | Exploitation for Credential Access |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1203 | Exploitation for Client Execution |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1195 | Supply Chain Compromise |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities. Scanning and addressing vulnerabilities in software dependencies can help reduce the attack surface for the organization and protect against adversaries looking for ways to access its systems.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1195.001 | Compromise Software Dependencies and Development Tools |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities. Scanning and addressing vulnerabilities in software dependencies can help reduce the attack surface for the organization and protect against adversaries looking for ways to access its systems.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1195.002 | Compromise Software Supply Chain |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities. Scanning and addressing vulnerabilities in software dependencies and development tools can help reduce the attack surface for the organization and protect against adversaries looking for ways to access its systems.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1210 | Exploitation of Remote Services |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|
| ID.RA-01.03 | Vulnerability management | Mitigates | T1190 | Exploit Public-Facing Application |
Comments
This diagnostic statement provides protection from vulnerabilities in exposed applications from across the organization through the use of tools that scan for and review vulnerabilities along with patch management and remediation of those vulnerabilities.
|