NIST 800-53 Audit and Accountability Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AU-1 Policy and Procedures Protects T1556.006 Multi-Factor Authentication
AU-1 Policy and Procedures Protects T1556.007 Hybrid Identity
AU-2 Event Logging Protects T1556.006 Multi-Factor Authentication
AU-2 Event Logging Protects T1556.007 Hybrid Identity
AU-5 Response to Audit Processing Failure Protects T1593.003 Code Repositories
AU-5 Audit Review, Analysis, and Reporting Protects T1649 Steal or Forge Authentication Certificates
AU-6 Audit Review, Analysis, & Reporting Protects T1593.003 Code Repositories

Capabilities

Capability ID Capability Name Number of Mappings
AU-2 Event Logging 2
AU-6 Audit Review, Analysis, & Reporting 1
AU-1 Policy and Procedures 2
AU-5 Response to Audit Processing Failure 2