National Institute of Standards in Technology (NIST) Special Publication 800-53 provides a catalog of security and privacy controls for the protection of information systems and organizations from a diverse set of threats and risks. These mappings provide resources for security control coverage against real-world threats as described in the MITRE ATT&CK® knowledge base and provide a foundation for integrating ATT&CK-based threat information into the risk management process.
NIST 800-53 Versions: rev5, rev4 ATT&CK Versions: 14.1, 12.1, 10.1, 9.0, 8.2 ATT&CK Domain: Enterprise
ID | Capability Group Name | Number of Mappings | Number of Capabilities |
---|---|---|---|
AC | Access Control | 1328 | 18 |
CA | Security Assessment and Authorization | 277 | 4 |
CM | Configuration Management | 1120 | 9 |
SC | System and Communications Protection | 513 | 31 |
SI | System and Information Integrity | 1085 | 12 |
CP | Contingency Planning | 65 | 5 |
IA | Identification and Authentication | 353 | 10 |
SA | System and Services Acquisition | 126 | 10 |
RA | Risk Assessment | 122 | 3 |
MP | Media Protection | 6 | 1 |
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
---|---|---|---|---|
AC-04 | Information Flow Enforcement | Protects | T1001 | Data Obfuscation |
CA-07 | Continuous Monitoring | Protects | T1001 | Data Obfuscation |
CM-02 | Baseline Configuration | Protects | T1001 | Data Obfuscation |
CM-06 | Configuration Settings | Protects | T1001 | Data Obfuscation |
SC-07 | Boundary Protection | Protects | T1001 | Data Obfuscation |
SI-03 | Malicious Code Protection | Protects | T1001 | Data Obfuscation |
SI-04 | System Monitoring | Protects | T1001 | Data Obfuscation |
AC-04 | Information Flow Enforcement | Protects | T1001.001 | Junk Data |
CA-07 | Continuous Monitoring | Protects | T1001.001 | Junk Data |
CM-02 | Baseline Configuration | Protects | T1001.001 | Junk Data |