NIST 800-53 SI-10 Mappings

Checking the valid syntax and semantics of system inputs—including character set, length, numerical range, and acceptable values—verifies that inputs match specified definitions for format and content. For example, if the organization specifies that numerical values between 1-100 are the only acceptable inputs for a field in a given application, inputs of 387,abc, or %K% are invalid inputs and are not accepted as input to the system. Valid inputs are likely to vary from field to field within a software application. Applications typically follow well-defined protocols that use structured messages (i.e., commands or queries) to communicate between software modules or system components. Structured messages can contain raw or unstructured data interspersed with metadata or control information. If software applications use attacker-supplied inputs to construct structured messages without properly encoding such messages, then the attacker could insert malicious commands or special characters that can cause the data to be interpreted as control information or metadata. Consequently, the module or component that receives the corrupted output will perform the wrong operations or otherwise interpret the data incorrectly. Prescreening inputs prior to passing them to interpreters prevents the content from being unintentionally interpreted as commands. Input validation ensures accurate and correct inputs and prevents attacks such as cross-site scripting and a variety of injection attacks.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SI-10 Information Input Validation Protects T1059 Command and Scripting Interpreter
SI-10 Information Input Validation Protects T1059.001 PowerShell
SI-10 Information Input Validation Protects T1059.002 AppleScript
SI-10 Information Input Validation Protects T1059.005 Visual Basic
SI-10 Information Input Validation Protects T1059.008 Network Device CLI
SI-10 Information Input Validation Protects T1095 Non-Application Layer Protocol
SI-10 Information Input Validation Protects T1129 Shared Modules
SI-10 Information Input Validation Protects T1176 Browser Extensions
SI-10 Information Input Validation Protects T1190 Exploit Public-Facing Application
SI-10 Information Input Validation Protects T1197 BITS Jobs
SI-10 Information Input Validation Protects T1216 Signed Script Proxy Execution
SI-10 Information Input Validation Protects T1216.001 PubPrn
SI-10 Information Input Validation Protects T1218.003 CMSTP
SI-10 Information Input Validation Protects T1218.004 InstallUtil
SI-10 Information Input Validation Protects T1218.008 Odbcconf
SI-10 Information Input Validation Protects T1218.009 Regsvcs/Regasm
SI-10 Information Input Validation Protects T1218.010 Regsvr32
SI-10 Information Input Validation Protects T1218.012 Verclsid
SI-10 Information Input Validation Protects T1218.013 Mavinject
SI-10 Information Input Validation Protects T1218.014 MMC
SI-10 Information Input Validation Protects T1219 Remote Access Software
SI-10 Information Input Validation Protects T1221 Template Injection
SI-10 Information Input Validation Protects T1498.001 Direct Network Flood
SI-10 Information Input Validation Protects T1498.002 Reflection Amplification
SI-10 Information Input Validation Protects T1499 Endpoint Denial of Service
SI-10 Information Input Validation Protects T1499.001 OS Exhaustion Flood
SI-10 Information Input Validation Protects T1499.002 Service Exhaustion Flood
SI-10 Information Input Validation Protects T1499.003 Application Exhaustion Flood
SI-10 Information Input Validation Protects T1499.004 Application or System Exploitation
SI-10 Information Input Validation Protects T1537 Transfer Data to Cloud Account
SI-10 Information Input Validation Protects T1546.002 Screensaver
SI-10 Information Input Validation Protects T1546.006 LC_LOAD_DYLIB Addition
SI-10 Information Input Validation Protects T1547.004 Winlogon Helper DLL
SI-10 Information Input Validation Protects T1547.006 Kernel Modules and Extensions
SI-10 Information Input Validation Protects T1552.005 Cloud Instance Metadata API
SI-10 Information Input Validation Protects T1553.001 Gatekeeper Bypass
SI-10 Information Input Validation Protects T1553.005 Mark-of-the-Web Bypass
SI-10 Information Input Validation Protects T1570 Lateral Tool Transfer
SI-10 Information Input Validation Protects T1574 Hijack Execution Flow
SI-10 Information Input Validation Protects T1574.007 Path Interception by PATH Environment Variable
SI-10 Information Input Validation Protects T1602.002 Network Device Configuration Dump
SI-10 Information Input Validation Protects T1609 Container Administration Command
SI-10 Information Input Validation Protects T1021.002 SMB/Windows Admin Shares
SI-10 Information Input Validation Protects T1021.005 VNC
SI-10 Information Input Validation Protects T1036 Masquerading
SI-10 Information Input Validation Protects T1036.005 Match Legitimate Name or Location
SI-10 Information Input Validation Protects T1048 Exfiltration Over Alternative Protocol
SI-10 Information Input Validation Protects T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol
SI-10 Information Input Validation Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
SI-10 Information Input Validation Protects T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
SI-10 Information Input Validation Protects T1059.003 Windows Command Shell
SI-10 Information Input Validation Protects T1059.004 Unix Shell
SI-10 Information Input Validation Protects T1059.006 Python
SI-10 Information Input Validation Protects T1059.007 JavaScript
SI-10 Information Input Validation Protects T1071.004 DNS
SI-10 Information Input Validation Protects T1080 Taint Shared Content
SI-10 Information Input Validation Protects T1090 Proxy
SI-10 Information Input Validation Protects T1090.003 Multi-hop Proxy
SI-10 Information Input Validation Protects T1127 Trusted Developer Utilities Proxy Execution
SI-10 Information Input Validation Protects T1187 Forced Authentication
SI-10 Information Input Validation Protects T1218.001 Compiled HTML File
SI-10 Information Input Validation Protects T1218.002 Control Panel
SI-10 Information Input Validation Protects T1218.005 Mshta
SI-10 Information Input Validation Protects T1220 XSL Script Processing
SI-10 Information Input Validation Protects T1498 Network Denial of Service
SI-10 Information Input Validation Protects T1546.008 Accessibility Features
SI-10 Information Input Validation Protects T1546.009 AppCert DLLs
SI-10 Information Input Validation Protects T1546.010 AppInit DLLs
SI-10 Information Input Validation Protects T1552 Unsecured Credentials
SI-10 Information Input Validation Protects T1553 Subvert Trust Controls
SI-10 Information Input Validation Protects T1553.003 SIP and Trust Provider Hijacking
SI-10 Information Input Validation Protects T1557.002 ARP Cache Poisoning
SI-10 Information Input Validation Protects T1564.003 Hidden Window
SI-10 Information Input Validation Protects T1564.006 Run Virtual Instance
SI-10 Information Input Validation Protects T1564.009 Resource Forking
SI-10 Information Input Validation Protects T1572 Protocol Tunneling
SI-10 Information Input Validation Protects T1574.001 DLL Search Order Hijacking
SI-10 Information Input Validation Protects T1574.006 Dynamic Linker Hijacking
SI-10 Information Input Validation Protects T1574.008 Path Interception by Search Order Hijacking
SI-10 Information Input Validation Protects T1574.009 Path Interception by Unquoted Path
SI-10 Information Input Validation Protects T1574.012 COR_PROFILER
SI-10 Information Input Validation Protects T1599.001 Network Address Translation Traversal
SI-10 Information Input Validation Protects T1602 Data from Configuration Repository
SI-10 Information Input Validation Protects T1602.001 SNMP (MIB Dump)
SI-10 Information Input Validation Protects T1218 Signed Binary Proxy Execution
SI-10 Information Input Validation Protects T1218.011 Rundll32
SI-10 Information Input Validation Protects T1530 Data from Cloud Storage Object
SI-10 Information Input Validation Protects T1557 Adversary-in-the-Middle
SI-10 Information Input Validation Protects T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay
SI-10 Information Input Validation Protects T1599 Network Boundary Bridging
SI-10 Information Input Validation Protects T1204 User Execution
SI-10 Information Input Validation Protects T1204.002 Malicious File
SI-10 Information Input Validation Protects T1557.003 DHCP Spoofing
SI-10 Information Input Validation Protects T1574.013 KernelCallbackTable
SI-10 Information Input Validation Protects T1622 Debugger Evasion