SA-10 |
Developer Configuration Management |
Protects |
T1078.004 |
Cloud Accounts |
SA-10 |
Developer Configuration Management |
Protects |
T1213.003 |
Code Repositories |
SA-10 |
Developer Configuration Management |
Protects |
T1495 |
Firmware Corruption |
SA-10 |
Developer Configuration Management |
Protects |
T1505 |
Server Software Component |
SA-10 |
Developer Configuration Management |
Protects |
T1078.001 |
Default Accounts |
SA-10 |
Developer Configuration Management |
Protects |
T1078.003 |
Local Accounts |
SA-10 |
Developer Configuration Management |
Protects |
T1505.001 |
SQL Stored Procedures |
SA-10 |
Developer Configuration Management |
Protects |
T1505.002 |
Transport Agent |
SA-10 |
Developer Configuration Management |
Protects |
T1505.004 |
IIS Components |
SA-10 |
Developer Configuration Management |
Protects |
T1542 |
Pre-OS Boot |
SA-10 |
Developer Configuration Management |
Protects |
T1542.001 |
System Firmware |
SA-10 |
Developer Configuration Management |
Protects |
T1542.003 |
Bootkit |
SA-10 |
Developer Configuration Management |
Protects |
T1542.004 |
ROMMONkit |
SA-10 |
Developer Configuration Management |
Protects |
T1542.005 |
TFTP Boot |
SA-10 |
Developer Configuration Management |
Protects |
T1553 |
Subvert Trust Controls |
SA-10 |
Developer Configuration Management |
Protects |
T1553.006 |
Code Signing Policy Modification |
SA-10 |
Developer Configuration Management |
Protects |
T1564.009 |
Resource Forking |
SA-10 |
Developer Configuration Management |
Protects |
T1574.002 |
DLL Side-Loading |
SA-10 |
Developer Configuration Management |
Protects |
T1601 |
Modify System Image |
SA-10 |
Developer Configuration Management |
Protects |
T1601.001 |
Patch System Image |
SA-10 |
Developer Configuration Management |
Protects |
T1601.002 |
Downgrade System Image |
SA-10 |
Developer Configuration Management |
Protects |
T1078 |
Valid Accounts |
SA-10 |
Developer Configuration Management |
Protects |
T1195.003 |
Compromise Hardware Supply Chain |
SA-10 |
Developer Configuration Management |
Protects |
T1559.003 |
XPC Services |
SA-10 |
Developer Configuration Management |
Protects |
T1647 |
Plist File Modification |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1078.004 |
Cloud Accounts |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1213.003 |
Code Repositories |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1495 |
Firmware Corruption |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1505 |
Server Software Component |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1078.001 |
Default Accounts |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1078.003 |
Local Accounts |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1134.005 |
SID-History Injection |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1505.001 |
SQL Stored Procedures |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1505.002 |
Transport Agent |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1505.004 |
IIS Components |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1542 |
Pre-OS Boot |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1542.001 |
System Firmware |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1542.003 |
Bootkit |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1542.004 |
ROMMONkit |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1542.005 |
TFTP Boot |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1552 |
Unsecured Credentials |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1552.001 |
Credentials In Files |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1552.002 |
Credentials in Registry |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1552.004 |
Private Keys |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1552.006 |
Group Policy Preferences |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1553 |
Subvert Trust Controls |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1553.006 |
Code Signing Policy Modification |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1558.004 |
AS-REP Roasting |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1574.002 |
DLL Side-Loading |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1601 |
Modify System Image |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1601.001 |
Patch System Image |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1601.002 |
Downgrade System Image |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1612 |
Build Image on Host |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1078 |
Valid Accounts |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1195.003 |
Compromise Hardware Supply Chain |
SA-11 |
Developer Testing and Evaluation |
Protects |
T1528 |
Steal Application Access Token |
SA-11 |
Developer Security Testing And Evaluation |
Protects |
T1559.003 |
XPC Services |
SA-11 |
Developer Security Testing And Evaluation |
Protects |
T1647 |
Plist File Modification |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1078.004 |
Cloud Accounts |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1213.003 |
Code Repositories |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1078.001 |
Default Accounts |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1078.003 |
Local Accounts |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1552 |
Unsecured Credentials |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1552.001 |
Credentials In Files |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1552.002 |
Credentials in Registry |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1552.004 |
Private Keys |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1552.006 |
Group Policy Preferences |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1558.004 |
AS-REP Roasting |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1574.002 |
DLL Side-Loading |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1078 |
Valid Accounts |
SA-15 |
Development Process, Standards, and Tools |
Protects |
T1528 |
Steal Application Access Token |
SA-16 |
Developer-provided Training |
Protects |
T1078.004 |
Cloud Accounts |
SA-16 |
Developer-provided Training |
Protects |
T1078.001 |
Default Accounts |
SA-16 |
Developer-provided Training |
Protects |
T1078.003 |
Local Accounts |
SA-16 |
Developer-provided Training |
Protects |
T1574.002 |
DLL Side-Loading |
SA-16 |
Developer-provided Training |
Protects |
T1078 |
Valid Accounts |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1078.004 |
Cloud Accounts |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1078.001 |
Default Accounts |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1078.003 |
Local Accounts |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1134.005 |
SID-History Injection |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1574.002 |
DLL Side-Loading |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1078 |
Valid Accounts |
SA-17 |
Developer Security and Privacy Architecture and Design |
Protects |
T1482 |
Domain Trust Discovery |
SA-22 |
Unsupported System Components |
Protects |
T1189 |
Drive-by Compromise |
SA-22 |
Unsupported System Components |
Protects |
T1195 |
Supply Chain Compromise |
SA-22 |
Unsupported System Components |
Protects |
T1195.001 |
Compromise Software Dependencies and Development Tools |
SA-22 |
Unsupported System Components |
Protects |
T1195.002 |
Compromise Software Supply Chain |
SA-22 |
Unsupported System Components |
Protects |
T1543 |
Create or Modify System Process |
SA-22 |
Unsupported System Components |
Protects |
T1543.002 |
Systemd Service |
SA-3 |
System Development Life Cycle |
Protects |
T1078.004 |
Cloud Accounts |
SA-3 |
System Development Life Cycle |
Protects |
T1213.003 |
Code Repositories |
SA-3 |
System Development Life Cycle |
Protects |
T1078.001 |
Default Accounts |
SA-3 |
System Development Life Cycle |
Protects |
T1078.003 |
Local Accounts |
SA-3 |
System Development Life Cycle |
Protects |
T1574.002 |
DLL Side-Loading |
SA-3 |
System Development Life Cycle |
Protects |
T1078 |
Valid Accounts |
SA-4 |
Acquisition Process |
Protects |
T1078.004 |
Cloud Accounts |
SA-4 |
Acquisition Process |
Protects |
T1078.001 |
Default Accounts |
SA-4 |
Acquisition Process |
Protects |
T1078.003 |
Local Accounts |
SA-4 |
Acquisition Process |
Protects |
T1134.005 |
SID-History Injection |
SA-4 |
Acquisition Process |
Protects |
T1574.002 |
DLL Side-Loading |
SA-4 |
Acquisition Process |
Protects |
T1078 |
Valid Accounts |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1078.004 |
Cloud Accounts |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1190 |
Exploit Public-Facing Application |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1213.003 |
Code Repositories |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1567 |
Exfiltration Over Web Service |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1025 |
Data from Removable Media |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1041 |
Exfiltration Over C2 Channel |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1048 |
Exfiltration Over Alternative Protocol |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1048.002 |
Exfiltration Over Asymmetric Encrypted Non-C2 Protocol |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1048.003 |
Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1052 |
Exfiltration Over Physical Medium |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1052.001 |
Exfiltration over USB |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1078.001 |
Default Accounts |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1078.003 |
Local Accounts |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1134.005 |
SID-History Injection |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1574.002 |
DLL Side-Loading |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1005 |
Data from Local System |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1078 |
Valid Accounts |
SA-8 |
Security and Privacy Engineering Principles |
Protects |
T1482 |
Domain Trust Discovery |
SA-8 |
Security Engineering Principles |
Protects |
T1559.003 |
XPC Services |
SA-8 |
Security Engineering Principles |
Protects |
T1647 |
Plist File Modification |
SA-9 |
External System Services |
Protects |
T1567 |
Exfiltration Over Web Service |
SA-9 |
External System Services |
Protects |
T1041 |
Exfiltration Over C2 Channel |
SA-9 |
External System Services |
Protects |
T1048 |
Exfiltration Over Alternative Protocol |
SA-9 |
External System Services |
Protects |
T1048.002 |
Exfiltration Over Asymmetric Encrypted Non-C2 Protocol |
SA-9 |
External System Services |
Protects |
T1048.003 |
Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol |