Generate audit records containing relevant security information.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| LOG-08 | Audit Logs Sanitization | mitigates | T1528 | Steal Application Access Token |
Comments
This control requires organizations to implement technical measures that automatically detect and remove sensitive data from logs to prevent unauthorized exposure. Log Sanitization may help mitigate risks from Unsecured Credentials (T1552), where attackers target logs for sensitive information such as credentials or access tokens.
|
| LOG-08 | Audit Logs Sanitization | mitigates | T1552 | Unsecured Credentials |
Comments
This control requires organizations to implement technical measures that automatically detect and remove sensitive data from logs to prevent unauthorized exposure. Log Sanitization may help mitigate risks from Unsecured Credentials (T1552), where attackers target logs for sensitive information such as credentials or access tokens.
|
| LOG-08 | Audit Logs Sanitization | mitigates | T1213 | Data from Information Repositories |
Comments
This control requires organizations to implement technical measures that automatically detect and remove sensitive data from logs to prevent unauthorized exposure. Data from Information Repositories (T1213) can occur if logs containing sensitive data are accessed or exfiltrated.
|