| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1212 | Exploitation for Credential Access |
Comments
This diagnostic statement protects against Exploitation for Credential Access through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1564 | Hide Artifacts |
Comments
This diagnostic statement protects against Hide Artifacts through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1564.009 | Resource Forking |
Comments
This diagnostic statement protects against Resource Forking through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1564.012 | File/Path Exclusions |
Comments
This diagnostic statement protects against File/Path Exclusions through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1574 | Hijack Execution Flow |
Comments
This diagnostic statement protects against Hijack Execution Flow through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1574.001 | DLL Search Order Hijacking |
Comments
This diagnostic statement protects against DLL Search Order Hijacking through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1559 | Inter-Process Communication |
Comments
This diagnostic statement protects against Inter-Process Communication through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1559.003 | XPC Services |
Comments
This diagnostic statement protects against XPC Services through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1647 | Plist File Modification |
Comments
This diagnostic statement protects against Plist File Modification through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1496 | Resource Hijacking |
Comments
This diagnostic statement protects against Resource Hijacking through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1496.003 | SMS Pumping |
Comments
This diagnostic statement protects against SMS Pumping through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1593 | Search Open Websites/Domains |
Comments
This diagnostic statement protects against Search Open Websites/Domains through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1593.003 | Code Repositories |
Comments
This diagnostic statement protects against Code Repositories through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1195 | Supply Chain Compromise |
Comments
This diagnostic statement protects against Supply Chain Compromise through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1195.001 | Compromise Software Dependencies and Development Tools |
Comments
This diagnostic statement protects against Compromise Software Dependencies and Development Tools through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1550 | Use Alternate Authentication Material |
Comments
This diagnostic statement protects against Use Alternate Authentication Material through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1550.001 | Application Access Token |
Comments
This diagnostic statement protects against Application Access Token through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|
| PR.PS-06.07 | Development and operational process alignment | Mitigates | T1078 | Valid Accounts |
Comments
This diagnostic statement protects against Valid Accounts through the use of DevSecOps, secure development lifecycle, and application developer guidance. Exploitable weaknesses can be mitigated through secure code, reduced vulnerabilities, and secure design principles.
|