NIST 800-53 SA-16 Mappings

Developer-provided training applies to external and internal (in-house) developers. Training personnel is essential to ensuring the effectiveness of the controls implemented within organizational systems. Types of training include web-based and computer-based training, classroom-style training, and hands-on training (including micro-training). Organizations can also request training materials from developers to conduct in-house training or offer self-training to organizational personnel. Organizations determine the type of training necessary and may require different types of training for different security and privacy functions, controls, and mechanisms.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SA-16 Developer-provided Training Protects T1078 Valid Accounts
SA-16 Developer-provided Training Protects T1078.001 Default Accounts
SA-16 Developer-provided Training Protects T1078.003 Local Accounts
SA-16 Developer-provided Training Protects T1078.004 Cloud Accounts
SA-16 Developer-provided Training Protects T1574.002 DLL Side-Loading