| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1221 | Template Injection |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1566.003 | Spearphishing via Service |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027.013 | Encrypted/Encoded File |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027.014 | Polymorphic Code |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027.002 | Software Packing |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027.010 | Command Obfuscation |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027.012 | LNK Icon Smuggling |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027 | Obfuscated Files or Information |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1021.001 | Remote Desktop Protocol |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1036 | Masquerading |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1036.008 | Masquerade File Type |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1564 | Hide Artifacts |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1564.012 | File/Path Exclusions |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1059 | Command and Scripting Interpreter |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1059.006 | Python |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1059.005 | Visual Basic |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1053 | Scheduled Task/Job |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1548 | Abuse Elevation Control Mechanism |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1552 | Unsecured Credentials |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1552.003 | Bash History |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1003.002 | Security Account Manager |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1003.005 | Cached Domain Credentials |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1542.005 | TFTP Boot |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1563.002 | RDP Hijacking |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1027.009 | Embedded Payloads |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1059.001 | PowerShell |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1053.002 | At |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1053.005 | Scheduled Task |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1553 | Subvert Trust Controls |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1562.003 | Impair Command History Logging |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1098 | Account Manipulation |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1490 | Inhibit System Recovery |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1036.007 | Double File Extension |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1556 | Modify Authentication Process |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1556.002 | Password Filter DLL |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1556.008 | Network Provider DLL |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1135 | Network Share Discovery |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1003 | OS Credential Dumping |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1003.001 | LSASS Memory |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1197 | BITS Jobs |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1092 | Communication Through Removable Media |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1136 | Create Account |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1136.002 | Domain Account |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1543.003 | Windows Service |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1546.008 | Accessibility Features |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1011 | Exfiltration Over Other Network Medium |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1011.001 | Exfiltration Over Bluetooth |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1564.002 | Hidden Users |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1574.006 | Dynamic Linker Hijacking |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1087.002 | Domain Account |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1666 | Modify Cloud Resource Hierarchy |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1137 | Office Application Startup |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1137.002 | Office Test |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1566 | Phishing |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1566.001 | Spearphishing Attachment |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1566.002 | Spearphishing Link |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1598 | Phishing for Information |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1598.002 | Spearphishing Attachment |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1598.003 | Spearphishing Link |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1539 | Steal Web Session Cookie |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1553 | Subvert Trust Controls |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1553.004 | Install Root Certificate |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1537 | Transfer Data to Cloud Account |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1535 | Unused/Unsupported Cloud Regions |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1550.004 | Web Session Cookie |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1547.006 | Kernel Modules and Extensions |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1548.001 | Setuid and Setgid |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1548.003 | Sudo and Sudo Caching |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1087 | Account Discovery |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1087.001 | Local Account |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1559.002 | Dynamic Data Exchange |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1543.005 | Container Service |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1555.005 | Password Managers |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1602 | Data from Configuration Repository |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1602.001 | SNMP (MIB Dump) |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1602.002 | Network Device Configuration Dump |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1213 | Data from Information Repositories |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1213.001 | Confluence |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1213.002 | Sharepoint |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1213.003 | Code Repositories |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1213.004 | Customer Relationship Management Software |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1213.005 | Messaging Applications |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1606 | Forge Web Credentials |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1606.001 | Web Cookies |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1562 | Impair Defenses |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1562.006 | Indicator Blocking |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1562.009 | Safe Mode Boot |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1562.010 | Downgrade Attack |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1559 | Inter-Process Communication |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1543 | Create or Modify System Process |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|
| PR.PS-01.01 | Configuration baselines | Mitigates | T1552 | Unsecured Credentials |
Comments
This diagnostic statement provides for securely configuring production systems. This includes hardening default configurations and making security-focused setting adjustments to reduce the attack surface, enforce best practices, and protect sensitive data thereby mitigating adversary exploitation.
|