Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1001 | Data Obfuscation | This diagnostic statement protects against Data Obfuscation through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1001.001 | Junk Data | This diagnostic statement protects against Junk Data through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1001.002 | Steganography | This diagnostic statement protects against Steganography through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1001.003 | Protocol or Service Impersonation | This diagnostic statement protects against Protocol or Service Impersonation through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1008 | Fallback Channels | This diagnostic statement protects against Fallback Channels through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1021 | Remote Services | This diagnostic statement protects against Remote Services through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1021.001 | Remote Desktop Protocol | This diagnostic statement protects against Remote Desktop Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1021.002 | SMB/Windows Admin Shares | This diagnostic statement protects against SMB/Windows Admin Shares through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1021.005 | VNC | This diagnostic statement protects against VNC through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1029 | Scheduled Transfer | This diagnostic statement protects against Scheduled Transfer through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1030 | Data Transfer Size Limits | This diagnostic statement protects against Data Transfer Size Limits through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1041 | Exfiltration Over C2 Channel | This diagnostic statement protects against Exfiltration Over C2 Channel through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1046 | Network Service Discovery | This diagnostic statement protects against Network Service Discovery through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1048 | Exfiltration Over Alternative Protocol | This diagnostic statement protects against Exfiltration Over Alternative Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1048.001 | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | This diagnostic statement protects against Exfiltration Over Symmetric Encrypted Non-C2 Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1048.002 | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | This diagnostic statement protects against Exfiltration Over Asymmetric Encrypted Non-C2 Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1048.003 | Exfiltration Over Unencrypted Non-C2 Protocol | This diagnostic statement protects against Exfiltration Over Unencrypted Non-C2 Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1071 | Application Layer Protocol | This diagnostic statement protects against Application Layer Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1071.001 | Web Protocols | This diagnostic statement protects against Web Protocols through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1071.002 | File Transfer Protocols | This diagnostic statement protects against File Transfer Protocols through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1071.003 | Mail Protocols | This diagnostic statement protects against Mail Protocols through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1071.004 | DNS | This diagnostic statement protects against DNS through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1071.005 | Publish/Subscribe Protocols | This diagnostic statement protects against Publish/Subscribe Protocols through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1090 | Proxy | This diagnostic statement protects against Proxy through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1090.001 | Internal Proxy | This diagnostic statement protects against Internal Proxy through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1090.002 | External Proxy | This diagnostic statement protects against External Proxy through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1090.003 | Multi-hop Proxy | This diagnostic statement protects against Multi-hop Proxy through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1095 | Non-Application Layer Protocol | This diagnostic statement protects against Non-Application Layer Protocol through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1102 | Web Service | This diagnostic statement protects against Web Service through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1102.001 | Dead Drop Resolver | This diagnostic statement protects against Dead Drop Resolver through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1102.002 | Bidirectional Communication | This diagnostic statement protects against Bidirectional Communication through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1102.003 | One-Way Communication | This diagnostic statement protects against One-Way Communication through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1104 | Multi-Stage Channels | This diagnostic statement protects against Multi-Stage Channels through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1105 | Ingress Tool Transfer | This diagnostic statement protects against Ingress Tool Transfer through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1132 | Data Encoding | This diagnostic statement protects against Data Encoding through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1132.001 | Standard Encoding | This diagnostic statement protects against Standard Encoding through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1132.002 | Non-Standard Encoding | This diagnostic statement protects against Non-Standard Encoding through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1133 | External Remote Services | This diagnostic statement protects against External Remote Services through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1187 | Forced Authentication | This diagnostic statement protects against Forced Authentication through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1197 | BITS Jobs | This diagnostic statement protects against BITS Jobs through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1200 | Hardware Additions | This diagnostic statement protects against Hardware Additions through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1204 | User Execution | This diagnostic statement protects against User Execution through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1204.001 | Malicious Link | This diagnostic statement protects against Malicious Link through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1204.003 | Malicious Image | This diagnostic statement protects against Malicious Image through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1205 | Traffic Signaling | This diagnostic statement protects against Traffic Signaling through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1205.001 | Port Knocking | This diagnostic statement protects against Port Knocking through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1205.002 | Socket Filters | This diagnostic statement protects against Socket Filters through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1218 | System Binary Proxy Execution | This diagnostic statement protects against System Binary Proxy Execution through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1218.012 | Verclsid | This diagnostic statement protects against Verclsid through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1219 | Remote Access Software | This diagnostic statement protects against Remote Access Software through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1221 | Template Injection | This diagnostic statement protects against Template Injection through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1498 | Network Denial of Service | This diagnostic statement protects against Network Denial of Service through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1498.001 | Direct Network Flood | This diagnostic statement protects against Direct Network Flood through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1498.002 | Reflection Amplification | This diagnostic statement protects against Reflection Amplification through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1499 | Endpoint Denial of Service | This diagnostic statement protects against Endpoint Denial of Service through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1499.001 | OS Exhaustion Flood | This diagnostic statement protects against OS Exhaustion Flood through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1499.002 | Service Exhaustion Flood | This diagnostic statement protects against Service Exhaustion Flood through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1499.003 | Application Exhaustion Flood | This diagnostic statement protects against Application Exhaustion Flood through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1499.004 | Application or System Exploitation | This diagnostic statement protects against Application or System Exploitation through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1530 | Data from Cloud Storage | This diagnostic statement protects against Data from Cloud Storage through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1537 | Transfer Data to Cloud Account | This diagnostic statement protects against Transfer Data to Cloud Account through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1542 | Pre-OS Boot | This diagnostic statement protects against Pre-OS Boot through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1542.004 | ROMMONkit | This diagnostic statement protects against ROMMONkit through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1542.005 | TFTP Boot | This diagnostic statement protects against TFTP Boot through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1546 | Event Triggered Execution | This diagnostic statement protects against Event Triggered Execution through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1546.008 | Accessibility Features | This diagnostic statement protects against Accessibility Features through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1552 | Unsecured Credentials | This diagnostic statement protects against Unsecured Credentials through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1552.005 | Cloud Instance Metadata API | This diagnostic statement protects against Cloud Instance Metadata API through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1552.007 | Container API | This diagnostic statement protects against Container API through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1557 | Adversary-in-the-Middle | This diagnostic statement protects against Adversary-in-the-Middle through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay | This diagnostic statement protects against LLMNR/NBT-NS Poisoning and SMB Relay through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1557.002 | ARP Cache Poisoning | This diagnostic statement protects against ARP Cache Poisoning through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1557.003 | DHCP Spoofing | This diagnostic statement protects against DHCP Spoofing through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1557.004 | Evil Twin | This diagnostic statement protects against Evil Twin through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1563 | Remote Service Session Hijacking | This diagnostic statement protects against Remote Service Session Hijacking through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1563.002 | RDP Hijacking | This diagnostic statement protects against RDP Hijacking through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1566 | Phishing | This diagnostic statement protects against Phishing through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1566.001 | Spearphishing Attachment | This diagnostic statement protects against Spearphishing Attachment through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1568 | Dynamic Resolution | This diagnostic statement protects against Dynamic Resolution through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1568.002 | Domain Generation Algorithms | This diagnostic statement protects against Domain Generation Algorithms through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1570 | Lateral Tool Transfer | This diagnostic statement protects against Lateral Tool Transfer through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1571 | Non-Standard Port | This diagnostic statement protects against Non-Standard Port through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1572 | Protocol Tunneling | This diagnostic statement protects against Protocol Tunneling through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1573 | Encrypted Channel | This diagnostic statement protects against Encrypted Channel through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1573.001 | Symmetric Cryptography | This diagnostic statement protects against Symmetric Cryptography through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1573.002 | Asymmetric Cryptography | This diagnostic statement protects against Asymmetric Cryptography through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1599 | Network Boundary Bridging | This diagnostic statement protects against Network Boundary Bridging through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1599.001 | Network Address Translation Traversal | This diagnostic statement protects against Network Address Translation Traversal through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1602 | Data from Configuration Repository | This diagnostic statement protects against Data from Configuration Repository through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1602.001 | SNMP (MIB Dump) | This diagnostic statement protects against SNMP (MIB Dump) through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1602.002 | Network Device Configuration Dump | This diagnostic statement protects against Network Device Configuration Dump through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1609 | Container Administration Command | This diagnostic statement protects against Container Administration Command through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1610 | Deploy Container | This diagnostic statement protects against Deploy Container through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1612 | Build Image on Host | This diagnostic statement protects against Build Image on Host through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |
PR.IR-01.03 | Network communications integrity and availability | Mitigates | T1613 | Container and Resource Discovery | This diagnostic statement protects against Container and Resource Discovery through the use of secure network configurations, architecture, implementations of zero trust architecture, and segmentation. |