Home
Mapping Frameworks
CRI Profile Home
Data loss prevention

CRI Profile PR.DS-01.02

The organization implements data loss identification and prevention tools to monitor and protect against confidential data theft or destruction by an employee or an external actor.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
PR.DS-01.02	Data loss prevention	Mitigates	T1537	Transfer Data to Cloud Account	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1567.004	Exfiltration Over Webhook	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1052.001	Exfiltration over USB	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1052	Exfiltration Over Physical Medium	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1041	Exfiltration Over C2 Channel	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1048.003	Exfiltration Over Unencrypted Non-C2 Protocol	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1048.002	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1048	Exfiltration Over Alternative Protocol	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1025	Data from Removable Media	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1005	Data from Local System	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.
PR.DS-01.02	Data loss prevention	Mitigates	T1020.001	Traffic Duplication	Comments The use of data loss prevention controls may mitigate the techniques related to data leakage and loss from local systems, automated exfiltration, and exfiltration over non-approved services.