NIST 800-53 System and Services Acquisition Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SA-10 Developer Configuration Management Protects T1078.004 Cloud Accounts
SA-10 Developer Configuration Management Protects T1213.003 Code Repositories
SA-10 Developer Configuration Management Protects T1495 Firmware Corruption
SA-10 Developer Configuration Management Protects T1505 Server Software Component
SA-10 Developer Configuration Management Protects T1078.001 Default Accounts
SA-10 Developer Configuration Management Protects T1078.003 Local Accounts
SA-10 Developer Configuration Management Protects T1505.001 SQL Stored Procedures
SA-10 Developer Configuration Management Protects T1505.002 Transport Agent
SA-10 Developer Configuration Management Protects T1505.004 IIS Components
SA-10 Developer Configuration Management Protects T1542 Pre-OS Boot
SA-10 Developer Configuration Management Protects T1542.001 System Firmware
SA-10 Developer Configuration Management Protects T1542.003 Bootkit
SA-10 Developer Configuration Management Protects T1542.004 ROMMONkit
SA-10 Developer Configuration Management Protects T1542.005 TFTP Boot
SA-10 Developer Configuration Management Protects T1553 Subvert Trust Controls
SA-10 Developer Configuration Management Protects T1553.006 Code Signing Policy Modification
SA-10 Developer Configuration Management Protects T1564.009 Resource Forking
SA-10 Developer Configuration Management Protects T1574.002 DLL Side-Loading
SA-10 Developer Configuration Management Protects T1601 Modify System Image
SA-10 Developer Configuration Management Protects T1601.001 Patch System Image
SA-10 Developer Configuration Management Protects T1601.002 Downgrade System Image
SA-10 Developer Configuration Management Protects T1078 Valid Accounts
SA-10 Developer Configuration Management Protects T1195.003 Compromise Hardware Supply Chain
SA-10 Developer Configuration Management Protects T1559.003 XPC Services
SA-10 Developer Configuration Management Protects T1647 Plist File Modification
SA-11 Developer Testing and Evaluation Protects T1078.004 Cloud Accounts
SA-11 Developer Testing and Evaluation Protects T1213.003 Code Repositories
SA-11 Developer Testing and Evaluation Protects T1495 Firmware Corruption
SA-11 Developer Testing and Evaluation Protects T1505 Server Software Component
SA-11 Developer Testing and Evaluation Protects T1078.001 Default Accounts
SA-11 Developer Testing and Evaluation Protects T1078.003 Local Accounts
SA-11 Developer Testing and Evaluation Protects T1134.005 SID-History Injection
SA-11 Developer Testing and Evaluation Protects T1505.001 SQL Stored Procedures
SA-11 Developer Testing and Evaluation Protects T1505.002 Transport Agent
SA-11 Developer Testing and Evaluation Protects T1505.004 IIS Components
SA-11 Developer Testing and Evaluation Protects T1542 Pre-OS Boot
SA-11 Developer Testing and Evaluation Protects T1542.001 System Firmware
SA-11 Developer Testing and Evaluation Protects T1542.003 Bootkit
SA-11 Developer Testing and Evaluation Protects T1542.004 ROMMONkit
SA-11 Developer Testing and Evaluation Protects T1542.005 TFTP Boot
SA-11 Developer Testing and Evaluation Protects T1552 Unsecured Credentials
SA-11 Developer Testing and Evaluation Protects T1552.001 Credentials In Files
SA-11 Developer Testing and Evaluation Protects T1552.002 Credentials in Registry
SA-11 Developer Testing and Evaluation Protects T1552.004 Private Keys
SA-11 Developer Testing and Evaluation Protects T1552.006 Group Policy Preferences
SA-11 Developer Testing and Evaluation Protects T1553 Subvert Trust Controls
SA-11 Developer Testing and Evaluation Protects T1553.006 Code Signing Policy Modification
SA-11 Developer Testing and Evaluation Protects T1558.004 AS-REP Roasting
SA-11 Developer Testing and Evaluation Protects T1574.002 DLL Side-Loading
SA-11 Developer Testing and Evaluation Protects T1601 Modify System Image
SA-11 Developer Testing and Evaluation Protects T1601.001 Patch System Image
SA-11 Developer Testing and Evaluation Protects T1601.002 Downgrade System Image
SA-11 Developer Testing and Evaluation Protects T1612 Build Image on Host
SA-11 Developer Testing and Evaluation Protects T1078 Valid Accounts
SA-11 Developer Testing and Evaluation Protects T1195.003 Compromise Hardware Supply Chain
SA-11 Developer Testing and Evaluation Protects T1528 Steal Application Access Token
SA-11 Developer Security Testing And Evaluation Protects T1559.003 XPC Services
SA-11 Developer Security Testing And Evaluation Protects T1647 Plist File Modification
SA-15 Development Process, Standards, and Tools Protects T1078.004 Cloud Accounts
SA-15 Development Process, Standards, and Tools Protects T1213.003 Code Repositories
SA-15 Development Process, Standards, and Tools Protects T1078.001 Default Accounts
SA-15 Development Process, Standards, and Tools Protects T1078.003 Local Accounts
SA-15 Development Process, Standards, and Tools Protects T1552 Unsecured Credentials
SA-15 Development Process, Standards, and Tools Protects T1552.001 Credentials In Files
SA-15 Development Process, Standards, and Tools Protects T1552.002 Credentials in Registry
SA-15 Development Process, Standards, and Tools Protects T1552.004 Private Keys
SA-15 Development Process, Standards, and Tools Protects T1552.006 Group Policy Preferences
SA-15 Development Process, Standards, and Tools Protects T1558.004 AS-REP Roasting
SA-15 Development Process, Standards, and Tools Protects T1574.002 DLL Side-Loading
SA-15 Development Process, Standards, and Tools Protects T1078 Valid Accounts
SA-15 Development Process, Standards, and Tools Protects T1528 Steal Application Access Token
SA-16 Developer-provided Training Protects T1078.004 Cloud Accounts
SA-16 Developer-provided Training Protects T1078.001 Default Accounts
SA-16 Developer-provided Training Protects T1078.003 Local Accounts
SA-16 Developer-provided Training Protects T1574.002 DLL Side-Loading
SA-16 Developer-provided Training Protects T1078 Valid Accounts
SA-17 Developer Security and Privacy Architecture and Design Protects T1078.004 Cloud Accounts
SA-17 Developer Security and Privacy Architecture and Design Protects T1078.001 Default Accounts
SA-17 Developer Security and Privacy Architecture and Design Protects T1078.003 Local Accounts
SA-17 Developer Security and Privacy Architecture and Design Protects T1134.005 SID-History Injection
SA-17 Developer Security and Privacy Architecture and Design Protects T1574.002 DLL Side-Loading
SA-17 Developer Security and Privacy Architecture and Design Protects T1078 Valid Accounts
SA-17 Developer Security and Privacy Architecture and Design Protects T1482 Domain Trust Discovery
SA-22 Unsupported System Components Protects T1189 Drive-by Compromise
SA-22 Unsupported System Components Protects T1195 Supply Chain Compromise
SA-22 Unsupported System Components Protects T1195.001 Compromise Software Dependencies and Development Tools
SA-22 Unsupported System Components Protects T1195.002 Compromise Software Supply Chain
SA-22 Unsupported System Components Protects T1543 Create or Modify System Process
SA-22 Unsupported System Components Protects T1543.002 Systemd Service
SA-3 System Development Life Cycle Protects T1078.004 Cloud Accounts
SA-3 System Development Life Cycle Protects T1213.003 Code Repositories
SA-3 System Development Life Cycle Protects T1078.001 Default Accounts
SA-3 System Development Life Cycle Protects T1078.003 Local Accounts
SA-3 System Development Life Cycle Protects T1574.002 DLL Side-Loading
SA-3 System Development Life Cycle Protects T1078 Valid Accounts
SA-4 Acquisition Process Protects T1078.004 Cloud Accounts
SA-4 Acquisition Process Protects T1078.001 Default Accounts
SA-4 Acquisition Process Protects T1078.003 Local Accounts
SA-4 Acquisition Process Protects T1134.005 SID-History Injection
SA-4 Acquisition Process Protects T1574.002 DLL Side-Loading
SA-4 Acquisition Process Protects T1078 Valid Accounts
SA-8 Security and Privacy Engineering Principles Protects T1078.004 Cloud Accounts
SA-8 Security and Privacy Engineering Principles Protects T1190 Exploit Public-Facing Application
SA-8 Security and Privacy Engineering Principles Protects T1213.003 Code Repositories
SA-8 Security and Privacy Engineering Principles Protects T1567 Exfiltration Over Web Service
SA-8 Security and Privacy Engineering Principles Protects T1025 Data from Removable Media
SA-8 Security and Privacy Engineering Principles Protects T1041 Exfiltration Over C2 Channel
SA-8 Security and Privacy Engineering Principles Protects T1048 Exfiltration Over Alternative Protocol
SA-8 Security and Privacy Engineering Principles Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
SA-8 Security and Privacy Engineering Principles Protects T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
SA-8 Security and Privacy Engineering Principles Protects T1052 Exfiltration Over Physical Medium
SA-8 Security and Privacy Engineering Principles Protects T1052.001 Exfiltration over USB
SA-8 Security and Privacy Engineering Principles Protects T1078.001 Default Accounts
SA-8 Security and Privacy Engineering Principles Protects T1078.003 Local Accounts
SA-8 Security and Privacy Engineering Principles Protects T1134.005 SID-History Injection
SA-8 Security and Privacy Engineering Principles Protects T1574.002 DLL Side-Loading
SA-8 Security and Privacy Engineering Principles Protects T1005 Data from Local System
SA-8 Security and Privacy Engineering Principles Protects T1078 Valid Accounts
SA-8 Security and Privacy Engineering Principles Protects T1482 Domain Trust Discovery
SA-8 Security Engineering Principles Protects T1559.003 XPC Services
SA-8 Security Engineering Principles Protects T1647 Plist File Modification
SA-9 External System Services Protects T1567 Exfiltration Over Web Service
SA-9 External System Services Protects T1041 Exfiltration Over C2 Channel
SA-9 External System Services Protects T1048 Exfiltration Over Alternative Protocol
SA-9 External System Services Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
SA-9 External System Services Protects T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol

Capabilities

Capability ID Capability Name Number of Mappings
SA-10 Developer Configuration Management 25
SA-15 Development Process, Standards, and Tools 13
SA-16 Developer-provided Training 5
SA-9 External System Services 5
SA-17 Developer Security and Privacy Architecture and Design 7
SA-22 Unsupported System Components 6
SA-8 Security and Privacy Engineering Principles 20
SA-4 Acquisition Process 6
SA-3 System Development Life Cycle 6
SA-11 Developer Testing and Evaluation 33