| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1599.001 | Network Address Translation Traversal |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1599 | Network Boundary Bridging |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1555.006 | Cloud Secrets Management Stores |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1552.002 | Credentials in Registry |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1548.003 | Sudo and Sudo Caching |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1548.002 | Bypass User Account Control |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1546.003 | Windows Management Instrumentation Event Subscription |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1542.005 | TFTP Boot |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1505.001 | SQL Stored Procedures |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1505.002 | Transport Agent |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1200 | Hardware Additions |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1134.002 | Create Process with Token |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1134.001 | Token Impersonation/Theft |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1134.003 | Make and Impersonate Token |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1133 | External Remote Services |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1136.001 | Local Account |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1136.002 | Domain Account |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1136.003 | Cloud Account |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1021.001 | Remote Desktop Protocol |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1021 | Remote Services |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1021.002 | SMB/Windows Admin Shares |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1021.003 | Distributed Component Object Model |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1021.006 | Windows Remote Management |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1021.007 | Cloud Services |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1046 | Network Service Discovery |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1059 | Command and Scripting Interpreter |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1059.001 | PowerShell |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1059.008 | Network Device CLI |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1059.009 | Cloud API |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1072 | Software Deployment Tools |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1095 | Non-Application Layer Protocol |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1098 | Account Manipulation |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1098.001 | Additional Cloud Credentials |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1098.002 | Additional Email Delegate Permissions |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1098.003 | Additional Cloud Roles |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1134 | Access Token Manipulation |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1136 | Create Account |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1190 | Exploit Public-Facing Application |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1199 | Trusted Relationship |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1210 | Exploitation of Remote Services |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1218 | System Binary Proxy Execution |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1218.007 | Msiexec |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1495 | Firmware Corruption |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1505 | Server Software Component |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1505.004 | IIS Components |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1542 | Pre-OS Boot |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1542.001 | System Firmware |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1542.003 | Bootkit |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1543 | Create or Modify System Process |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1543.002 | Systemd Service |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1546.008 | Accessibility Features |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1546 | Event Triggered Execution |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1547.006 | Kernel Modules and Extensions |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1548 | Abuse Elevation Control Mechanism |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1548.006 | TCC Manipulation |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1550 | Use Alternate Authentication Material |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1550.002 | Pass the Hash |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1550.003 | Pass the Ticket |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1552 | Unsecured Credentials |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1552.005 | Cloud Instance Metadata API |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1552.007 | Container API |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1553 | Subvert Trust Controls |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1553.006 | Code Signing Policy Modification |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1555 | Credentials from Password Stores |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1557 | Adversary-in-the-Middle |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1557.002 | ARP Cache Poisoning |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1559 | Inter-Process Communication |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1559.001 | Component Object Model |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1563 | Remote Service Session Hijacking |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1563.002 | RDP Hijacking |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1602 | Data from Configuration Repository |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1602.001 | SNMP (MIB Dump) |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1602.002 | Network Device Configuration Dump |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1606 | Forge Web Credentials |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1606.002 | SAML Tokens |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1609 | Container Administration Command |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|
| PR.IR-01.06 | Production environment segregation | Mitigates | T1611 | Escape to Host |
Comments
This diagnostic statement provides protections for production environments. Measures such as network segmentation and access control reduce the attack surface, restrict movement by adversaries, and protect critical assets and data from compromise.
|