Home
Mapping Frameworks
CRI Profile Home
End-user device access

CRI Profile PR.IR-01.08

The organization implements policies, procedures, end-user agreements, and technical controls to address the risks of end-user mobile or personal computing devices accessing the organization's network and resources.

Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
PR.IR-01.08	End-user device access	Mitigates	T1006	Direct Volume Access	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1221	Template Injection	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027.002	Software Packing	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1080	Taint Shared Content	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027.014	Polymorphic Code	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027.013	Encrypted/Encoded File	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027.012	LNK Icon Smuggling	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027.010	Command Obfuscation	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027.009	Embedded Payloads	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1027	Obfuscated Files or Information	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1036.008	Masquerade File Type	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1036	Masquerading	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1564	Hide Artifacts	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1564.012	File/Path Exclusions	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1059	Command and Scripting Interpreter	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1059.001	PowerShell	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1059.005	Visual Basic	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1059.006	Python	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.
PR.IR-01.08	End-user device access	Mitigates	T1547.006	Kernel Modules and Extensions	Comments This diagnostic statement implements technical controls (e.g., VPN, antivirus software) to address the risks of end-user personal computing devices accessing the organization’s network and resources.