| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1505 | Server Software Component |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1036.001 | Invalid Code Signature |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1554 | Compromise Host Software Binary |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1211 | Exploitation for Defense Evasion |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1068 | Exploitation for Privilege Escalation |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1203 | Exploitation for Client Execution |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1210 | Exploitation of Remote Services |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1212 | Exploitation for Credential Access |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1190 | Exploit Public-Facing Application |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|
| PR.PS-06.05 | Testing and validation strategy | Mitigates | T1127 | Trusted Developer Utilities Proxy Execution |
Comments
This particular diagnostic statement highlights the use of software security testing, code integrity verifications, and vulnerability scanning to mitigate security weaknesses and vulnerabilities in developed code or applications that an adversary may be able to take advantage of.
|