NIST 800-53 Supply Chain Risk Management Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SR-11 Component Authenticity Protects T1059.002 AppleScript
SR-11 Component Authenticity Protects T1505 Server Software Component
SR-11 Component Authenticity Protects T1546.006 LC_LOAD_DYLIB Addition
SR-11 Component Authenticity Protects T1204.003 Malicious Image
SR-11 Component Authenticity Protects T1505.001 SQL Stored Procedures
SR-11 Component Authenticity Protects T1505.002 Transport Agent
SR-11 Component Authenticity Protects T1505.004 IIS Components
SR-11 Component Authenticity Protects T1554 Compromise Client Software Binary
SR-11 Component Authenticity Protects T1601 Modify System Image
SR-11 Component Authenticity Protects T1601.001 Patch System Image
SR-11 Component Authenticity Protects T1601.002 Downgrade System Image
SR-4 Provenance Protects T1059.002 AppleScript
SR-4 Provenance Protects T1505 Server Software Component
SR-4 Provenance Protects T1546.006 LC_LOAD_DYLIB Addition
SR-4 Provenance Protects T1567 Exfiltration Over Web Service
SR-4 Provenance Protects T1041 Exfiltration Over C2 Channel
SR-4 Provenance Protects T1048 Exfiltration Over Alternative Protocol
SR-4 Provenance Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
SR-4 Provenance Protects T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
SR-4 Provenance Protects T1052 Exfiltration Over Physical Medium
SR-4 Provenance Protects T1052.001 Exfiltration over USB
SR-4 Provenance Protects T1204.003 Malicious Image
SR-4 Provenance Protects T1505.001 SQL Stored Procedures
SR-4 Provenance Protects T1505.002 Transport Agent
SR-4 Provenance Protects T1505.004 IIS Components
SR-4 Provenance Protects T1554 Compromise Client Software Binary
SR-4 Provenance Protects T1601 Modify System Image
SR-4 Provenance Protects T1601.001 Patch System Image
SR-4 Provenance Protects T1601.002 Downgrade System Image
SR-5 Acquisition Strategies, Tools, and Methods Protects T1059.002 AppleScript
SR-5 Acquisition Strategies, Tools, and Methods Protects T1505 Server Software Component
SR-5 Acquisition Strategies, Tools, and Methods Protects T1546.006 LC_LOAD_DYLIB Addition
SR-5 Acquisition Strategies, Tools, and Methods Protects T1204.003 Malicious Image
SR-5 Acquisition Strategies, Tools, and Methods Protects T1505.001 SQL Stored Procedures
SR-5 Acquisition Strategies, Tools, and Methods Protects T1505.002 Transport Agent
SR-5 Acquisition Strategies, Tools, and Methods Protects T1505.004 IIS Components
SR-5 Acquisition Strategies, Tools, and Methods Protects T1554 Compromise Client Software Binary
SR-5 Acquisition Strategies, Tools, and Methods Protects T1601 Modify System Image
SR-5 Acquisition Strategies, Tools, and Methods Protects T1601.001 Patch System Image
SR-5 Acquisition Strategies, Tools, and Methods Protects T1601.002 Downgrade System Image
SR-6 Supplier Assessments and Reviews Protects T1059.002 AppleScript
SR-6 Supplier Assessments and Reviews Protects T1505 Server Software Component
SR-6 Supplier Assessments and Reviews Protects T1546.006 LC_LOAD_DYLIB Addition
SR-6 Supplier Assessments and Reviews Protects T1204.003 Malicious Image
SR-6 Supplier Assessments and Reviews Protects T1505.001 SQL Stored Procedures
SR-6 Supplier Assessments and Reviews Protects T1505.002 Transport Agent
SR-6 Supplier Assessments and Reviews Protects T1505.004 IIS Components
SR-6 Supplier Assessments and Reviews Protects T1554 Compromise Client Software Binary
SR-6 Supplier Assessments and Reviews Protects T1601 Modify System Image
SR-6 Supplier Assessments and Reviews Protects T1601.001 Patch System Image
SR-6 Supplier Assessments and Reviews Protects T1601.002 Downgrade System Image
SR-6 Supplier Assessments and Reviews Protects T1078 Valid Accounts

Capabilities

Capability ID Capability Name Number of Mappings
SR-4 Provenance 18
SR-6 Supplier Assessments and Reviews 12
SR-5 Acquisition Strategies, Tools, and Methods 11
SR-11 Component Authenticity 11