NIST 800-53 Access Control Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-04 Information Flow Enforcement Protects T1001 Data Obfuscation
AC-04 Information Flow Enforcement Protects T1001.001 Junk Data
AC-04 Information Flow Enforcement Protects T1001.002 Steganography
AC-04 Information Flow Enforcement Protects T1001.003 Protocol Impersonation
AC-16 Security and Privacy Attributes Protects T1003 OS Credential Dumping
AC-02 Account Management Protects T1003 OS Credential Dumping
AC-03 Access Enforcement Protects T1003 OS Credential Dumping
AC-04 Information Flow Enforcement Protects T1003 OS Credential Dumping
AC-05 Separation of Duties Protects T1003 OS Credential Dumping
AC-06 Least Privilege Protects T1003 OS Credential Dumping
AC-16 Security and Privacy Attributes Protects T1003.003 NTDS
AC-02 Account Management Protects T1003.003 NTDS
AC-03 Access Enforcement Protects T1003.003 NTDS
AC-05 Separation of Duties Protects T1003.003 NTDS
AC-06 Least Privilege Protects T1003.003 NTDS
AC-02 Account Management Protects T1003.004 LSA Secrets
AC-03 Access Enforcement Protects T1003.004 LSA Secrets
AC-05 Separation of Duties Protects T1003.004 LSA Secrets
AC-06 Least Privilege Protects T1003.004 LSA Secrets
AC-02 Account Management Protects T1003.005 Cached Domain Credentials
AC-03 Access Enforcement Protects T1003.005 Cached Domain Credentials
AC-04 Information Flow Enforcement Protects T1003.005 Cached Domain Credentials
AC-05 Separation of Duties Protects T1003.005 Cached Domain Credentials
AC-06 Least Privilege Protects T1003.005 Cached Domain Credentials
AC-02 Account Management Protects T1003.006 DCSync
AC-03 Access Enforcement Protects T1003.006 DCSync
AC-04 Information Flow Enforcement Protects T1003.006 DCSync
AC-05 Separation of Duties Protects T1003.006 DCSync
AC-06 Least Privilege Protects T1003.006 DCSync
AC-02 Account Management Protects T1003.008 /etc/passwd and /etc/shadow
AC-03 Access Enforcement Protects T1003.008 /etc/passwd and /etc/shadow
AC-05 Separation of Duties Protects T1003.008 /etc/passwd and /etc/shadow
AC-06 Least Privilege Protects T1003.008 /etc/passwd and /etc/shadow
AC-04 Information Flow Enforcement Protects T1008 Fallback Channels
AC-17 Remote Access Protects T1021.003 Distributed Component Object Model
AC-02 Account Management Protects T1021.003 Distributed Component Object Model
AC-03 Access Enforcement Protects T1021.003 Distributed Component Object Model
AC-04 Information Flow Enforcement Protects T1021.003 Distributed Component Object Model
AC-05 Separation of Duties Protects T1021.003 Distributed Component Object Model
AC-06 Least Privilege Protects T1021.003 Distributed Component Object Model
AC-17 Remote Access Protects T1021.004 SSH
AC-02 Account Management Protects T1021.004 SSH
AC-20 Use of External Systems Protects T1021.004 SSH
AC-03 Access Enforcement Protects T1021.004 SSH
AC-05 Separation of Duties Protects T1021.004 SSH
AC-06 Least Privilege Protects T1021.004 SSH
AC-07 Unsuccessful Logon Attempts Protects T1021.004 SSH
AC-17 Remote Access Protects T1021.005 VNC
AC-02 Account Management Protects T1021.005 VNC
AC-03 Access Enforcement Protects T1021.005 VNC
AC-04 Information Flow Enforcement Protects T1021.005 VNC
AC-06 Least Privilege Protects T1021.005 VNC
AC-16 Security and Privacy Attributes Protects T1025 Data from Removable Media
AC-02 Account Management Protects T1025 Data from Removable Media
AC-23 Data Mining Protection Protects T1025 Data from Removable Media
AC-03 Access Enforcement Protects T1025 Data from Removable Media
AC-06 Least Privilege Protects T1025 Data from Removable Media
AC-04 Information Flow Enforcement Protects T1029 Scheduled Transfer
AC-04 Information Flow Enforcement Protects T1030 Data Transfer Size Limits
AC-02 Account Management Protects T1036.003 Rename System Utilities
AC-03 Access Enforcement Protects T1036.003 Rename System Utilities
AC-06 Least Privilege Protects T1036.003 Rename System Utilities
AC-17 Remote Access Protects T1037.001 Logon Script (Windows)
AC-03 Access Enforcement Protects T1037.002 Login Hook
AC-03 Access Enforcement Protects T1037.003 Network Logon Script
AC-03 Access Enforcement Protects T1037.004 RC Scripts
AC-03 Access Enforcement Protects T1037.005 Startup Items
AC-03 Access Enforcement Protects T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol
AC-04 Information Flow Enforcement Protects T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol
AC-16 Security and Privacy Attributes Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-02 Account Management Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-20 Use of External Systems Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-23 Data Mining Protection Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-03 Access Enforcement Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-04 Information Flow Enforcement Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-06 Least Privilege Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
AC-16 Security and Privacy Attributes Protects T1052 Exfiltration Over Physical Medium
AC-02 Account Management Protects T1052 Exfiltration Over Physical Medium
AC-20 Use of External Systems Protects T1052 Exfiltration Over Physical Medium
AC-23 Data Mining Protection Protects T1052 Exfiltration Over Physical Medium
AC-03 Access Enforcement Protects T1052 Exfiltration Over Physical Medium
AC-06 Least Privilege Protects T1052 Exfiltration Over Physical Medium
AC-16 Security and Privacy Attributes Protects T1052.001 Exfiltration over USB
AC-02 Account Management Protects T1052.001 Exfiltration over USB
AC-20 Use of External Systems Protects T1052.001 Exfiltration over USB
AC-23 Data Mining Protection Protects T1052.001 Exfiltration over USB
AC-03 Access Enforcement Protects T1052.001 Exfiltration over USB
AC-06 Least Privilege Protects T1052.001 Exfiltration over USB
AC-02 Account Management Protects T1053.003 Cron
AC-03 Access Enforcement Protects T1053.003 Cron
AC-05 Separation of Duties Protects T1053.003 Cron
AC-06 Least Privilege Protects T1053.003 Cron
AC-02 Account Management Protects T1053.007 Container Orchestration Job
AC-03 Access Enforcement Protects T1053.007 Container Orchestration Job
AC-05 Separation of Duties Protects T1053.007 Container Orchestration Job
AC-06 Least Privilege Protects T1053.007 Container Orchestration Job
AC-02 Account Management Protects T1055 Process Injection
AC-03 Access Enforcement Protects T1055 Process Injection
AC-05 Separation of Duties Protects T1055 Process Injection
AC-06 Least Privilege Protects T1055 Process Injection
AC-06 Least Privilege Protects T1055.001 Dynamic-link Library Injection
AC-06 Least Privilege Protects T1055.002 Portable Executable Injection
AC-06 Least Privilege Protects T1055.003 Thread Execution Hijacking
AC-06 Least Privilege Protects T1055.004 Asynchronous Procedure Call
AC-06 Least Privilege Protects T1055.005 Thread Local Storage
AC-02 Account Management Protects T1055.008 Ptrace System Calls
AC-03 Access Enforcement Protects T1055.008 Ptrace System Calls
AC-05 Separation of Duties Protects T1055.008 Ptrace System Calls
AC-06 Least Privilege Protects T1055.008 Ptrace System Calls
AC-03 Access Enforcement Protects T1055.009 Proc Memory
AC-06 Least Privilege Protects T1055.009 Proc Memory
AC-06 Least Privilege Protects T1055.011 Extra Window Memory Injection
AC-06 Least Privilege Protects T1055.013 Process Doppelgänging
AC-06 Least Privilege Protects T1055.014 VDSO Hijacking
AC-02 Account Management Protects T1056.003 Web Portal Capture
AC-03 Access Enforcement Protects T1056.003 Web Portal Capture
AC-05 Separation of Duties Protects T1056.003 Web Portal Capture
AC-06 Least Privilege Protects T1056.003 Web Portal Capture
AC-17 Remote Access Protects T1059 Command and Scripting Interpreter
AC-02 Account Management Protects T1059 Command and Scripting Interpreter
AC-03 Access Enforcement Protects T1059 Command and Scripting Interpreter
AC-05 Separation of Duties Protects T1059 Command and Scripting Interpreter
AC-06 Least Privilege Protects T1059 Command and Scripting Interpreter
AC-17 Remote Access Protects T1059.001 PowerShell
AC-02 Account Management Protects T1059.001 PowerShell
AC-03 Access Enforcement Protects T1059.001 PowerShell
AC-05 Separation of Duties Protects T1059.001 PowerShell
AC-06 Least Privilege Protects T1059.001 PowerShell
AC-17 Remote Access Protects T1059.002 AppleScript
AC-02 Account Management Protects T1059.002 AppleScript
AC-03 Access Enforcement Protects T1059.002 AppleScript
AC-06 Least Privilege Protects T1059.002 AppleScript
AC-17 Remote Access Protects T1059.003 Windows Command Shell
AC-02 Account Management Protects T1059.003 Windows Command Shell
AC-03 Access Enforcement Protects T1059.003 Windows Command Shell
AC-06 Least Privilege Protects T1059.003 Windows Command Shell
AC-17 Remote Access Protects T1059.004 Unix Shell
AC-02 Account Management Protects T1059.004 Unix Shell
AC-03 Access Enforcement Protects T1059.004 Unix Shell
AC-06 Least Privilege Protects T1059.004 Unix Shell
AC-17 Remote Access Protects T1059.005 Visual Basic
AC-02 Account Management Protects T1059.005 Visual Basic
AC-03 Access Enforcement Protects T1059.005 Visual Basic
AC-06 Least Privilege Protects T1059.005 Visual Basic
AC-17 Remote Access Protects T1059.006 Python
AC-02 Account Management Protects T1059.006 Python
AC-03 Access Enforcement Protects T1059.006 Python
AC-06 Least Privilege Protects T1059.006 Python
AC-17 Remote Access Protects T1059.007 JavaScript
AC-02 Account Management Protects T1059.007 JavaScript
AC-03 Access Enforcement Protects T1059.007 JavaScript
AC-06 Least Privilege Protects T1059.007 JavaScript
AC-17 Remote Access Protects T1059.008 Network Device CLI
AC-02 Account Management Protects T1059.008 Network Device CLI
AC-03 Access Enforcement Protects T1059.008 Network Device CLI
AC-05 Separation of Duties Protects T1059.008 Network Device CLI
AC-06 Least Privilege Protects T1059.008 Network Device CLI
AC-16 Security and Privacy Attributes Protects T1070.002 Clear Linux or Mac System Logs
AC-17 Remote Access Protects T1070.002 Clear Linux or Mac System Logs
AC-18 Wireless Access Protects T1070.002 Clear Linux or Mac System Logs
AC-19 Access Control for Mobile Devices Protects T1070.002 Clear Linux or Mac System Logs
AC-02 Account Management Protects T1070.002 Clear Linux or Mac System Logs
AC-03 Access Enforcement Protects T1070.002 Clear Linux or Mac System Logs
AC-05 Separation of Duties Protects T1070.002 Clear Linux or Mac System Logs
AC-06 Least Privilege Protects T1070.002 Clear Linux or Mac System Logs
AC-04 Information Flow Enforcement Protects T1071.003 Mail Protocols
AC-03 Access Enforcement Protects T1071.004 DNS
AC-04 Information Flow Enforcement Protects T1071.004 DNS
AC-02 Account Management Protects T1078.001 Default Accounts
AC-05 Separation of Duties Protects T1078.001 Default Accounts
AC-06 Least Privilege Protects T1078.001 Default Accounts
AC-02 Account Management Protects T1078.002 Domain Accounts
AC-20 Use of External Systems Protects T1078.002 Domain Accounts
AC-03 Access Enforcement Protects T1078.002 Domain Accounts
AC-05 Separation of Duties Protects T1078.002 Domain Accounts
AC-06 Least Privilege Protects T1078.002 Domain Accounts
AC-07 Unsuccessful Logon Attempts Protects T1078.002 Domain Accounts
AC-02 Account Management Protects T1078.003 Local Accounts
AC-03 Access Enforcement Protects T1078.003 Local Accounts
AC-05 Separation of Duties Protects T1078.003 Local Accounts
AC-06 Least Privilege Protects T1078.003 Local Accounts
AC-02 Account Management Protects T1087.004 Cloud Account
AC-03 Access Enforcement Protects T1087.004 Cloud Account
AC-05 Separation of Duties Protects T1087.004 Cloud Account
AC-06 Least Privilege Protects T1087.004 Cloud Account
AC-03 Access Enforcement Protects T1090 Proxy
AC-04 Information Flow Enforcement Protects T1090 Proxy
AC-04 Information Flow Enforcement Protects T1090.001 Internal Proxy
AC-04 Information Flow Enforcement Protects T1090.002 External Proxy
AC-03 Access Enforcement Protects T1090.003 Multi-hop Proxy
AC-04 Information Flow Enforcement Protects T1090.003 Multi-hop Proxy
AC-02 Account Management Protects T1098.002 Additional Email Delegate Permissions
AC-03 Access Enforcement Protects T1098.002 Additional Email Delegate Permissions
AC-05 Separation of Duties Protects T1098.002 Additional Email Delegate Permissions
AC-06 Least Privilege Protects T1098.002 Additional Email Delegate Permissions
AC-20 Use of External Systems Protects T1098.002 Additional Email Delegate Permissions
AC-04 Information Flow Enforcement Protects T1102 Web Service
AC-04 Information Flow Enforcement Protects T1102.001 Dead Drop Resolver
AC-04 Information Flow Enforcement Protects T1102.002 Bidirectional Communication
AC-04 Information Flow Enforcement Protects T1102.003 One-Way Communication
AC-04 Information Flow Enforcement Protects T1104 Multi-Stage Channels
AC-02 Account Management Protects T1110.001 Password Guessing
AC-20 Use of External Systems Protects T1110.001 Password Guessing
AC-03 Access Enforcement Protects T1110.001 Password Guessing
AC-05 Separation of Duties Protects T1110.001 Password Guessing
AC-06 Least Privilege Protects T1110.001 Password Guessing
AC-07 Unsuccessful Logon Attempts Protects T1110.001 Password Guessing
AC-02 Account Management Protects T1110.002 Password Cracking
AC-20 Use of External Systems Protects T1110.002 Password Cracking
AC-03 Access Enforcement Protects T1110.002 Password Cracking
AC-05 Separation of Duties Protects T1110.002 Password Cracking
AC-06 Least Privilege Protects T1110.002 Password Cracking
AC-07 Unsuccessful Logon Attempts Protects T1110.002 Password Cracking
AC-02 Account Management Protects T1110.003 Password Spraying
AC-20 Use of External Systems Protects T1110.003 Password Spraying
AC-03 Access Enforcement Protects T1110.003 Password Spraying
AC-05 Separation of Duties Protects T1110.003 Password Spraying
AC-06 Least Privilege Protects T1110.003 Password Spraying
AC-07 Unsuccessful Logon Attempts Protects T1110.003 Password Spraying
AC-02 Account Management Protects T1110.004 Credential Stuffing
AC-20 Use of External Systems Protects T1110.004 Credential Stuffing
AC-03 Access Enforcement Protects T1110.004 Credential Stuffing
AC-05 Separation of Duties Protects T1110.004 Credential Stuffing
AC-06 Least Privilege Protects T1110.004 Credential Stuffing
AC-07 Unsuccessful Logon Attempts Protects T1110.004 Credential Stuffing
AC-16 Security and Privacy Attributes Protects T1114.001 Local Email Collection
AC-17 Remote Access Protects T1114.001 Local Email Collection
AC-19 Access Control for Mobile Devices Protects T1114.001 Local Email Collection
AC-20 Use of External Systems Protects T1114.001 Local Email Collection
AC-04 Information Flow Enforcement Protects T1114.001 Local Email Collection
AC-16 Security and Privacy Attributes Protects T1119 Automated Collection
AC-17 Remote Access Protects T1119 Automated Collection
AC-18 Wireless Access Protects T1119 Automated Collection
AC-19 Access Control for Mobile Devices Protects T1119 Automated Collection
AC-20 Use of External Systems Protects T1119 Automated Collection
AC-04 Information Flow Enforcement Protects T1132.002 Non-Standard Encoding
AC-20 Use of External Systems Protects T1134.005 SID-History Injection
AC-03 Access Enforcement Protects T1134.005 SID-History Injection
AC-04 Information Flow Enforcement Protects T1134.005 SID-History Injection
AC-05 Separation of Duties Protects T1134.005 SID-History Injection
AC-06 Least Privilege Protects T1134.005 SID-History Injection
AC-02 Account Management Protects T1136.002 Domain Account
AC-20 Use of External Systems Protects T1136.002 Domain Account
AC-03 Access Enforcement Protects T1136.002 Domain Account
AC-04 Information Flow Enforcement Protects T1136.002 Domain Account
AC-05 Separation of Duties Protects T1136.002 Domain Account
AC-06 Least Privilege Protects T1136.002 Domain Account
AC-10 Concurrent Session Control Protects T1137 Office Application Startup
AC-17 Remote Access Protects T1137 Office Application Startup
AC-06 Least Privilege Protects T1137 Office Application Startup
AC-06 Least Privilege Protects T1137.001 Office Template Macros
AC-10 Concurrent Session Control Protects T1137.002 Office Test
AC-14 Permitted Actions Without Identification or Authentication Protects T1137.002 Office Test
AC-17 Remote Access Protects T1137.002 Office Test
AC-06 Least Privilege Protects T1137.002 Office Test
AC-06 Least Privilege Protects T1137.003 Outlook Forms
AC-06 Least Privilege Protects T1137.004 Outlook Home Page
AC-06 Least Privilege Protects T1137.005 Outlook Rules
AC-06 Least Privilege Protects T1137.006 Add-ins
AC-06 Least Privilege Protects T1176 Browser Extensions
AC-10 Concurrent Session Control Protects T1185 Browser Session Hijacking
AC-12 Session Termination Protects T1185 Browser Session Hijacking
AC-02 Account Management Protects T1185 Browser Session Hijacking
AC-03 Access Enforcement Protects T1185 Browser Session Hijacking
AC-05 Separation of Duties Protects T1185 Browser Session Hijacking
AC-06 Least Privilege Protects T1185 Browser Session Hijacking
AC-03 Access Enforcement Protects T1199 Trusted Relationship
AC-04 Information Flow Enforcement Protects T1199 Trusted Relationship
AC-06 Least Privilege Protects T1199 Trusted Relationship
AC-08 System Use Notification Protects T1199 Trusted Relationship
AC-04 Information Flow Enforcement Protects T1203 Exploitation for Client Execution
AC-06 Least Privilege Protects T1203 Exploitation for Client Execution
AC-04 Information Flow Enforcement Protects T1204 User Execution
AC-04 Information Flow Enforcement Protects T1204.001 Malicious Link
AC-04 Information Flow Enforcement Protects T1204.002 Malicious File
AC-04 Information Flow Enforcement Protects T1204.003 Malicious Image
AC-03 Access Enforcement Protects T1205 Traffic Signaling
AC-04 Information Flow Enforcement Protects T1205 Traffic Signaling
AC-03 Access Enforcement Protects T1205.001 Port Knocking
AC-04 Information Flow Enforcement Protects T1205.001 Port Knocking
AC-04 Information Flow Enforcement Protects T1205.002 Socket Filters
AC-02 Account Management Protects T1210 Exploitation of Remote Services
AC-03 Access Enforcement Protects T1210 Exploitation of Remote Services
AC-04 Information Flow Enforcement Protects T1210 Exploitation of Remote Services
AC-05 Separation of Duties Protects T1210 Exploitation of Remote Services
AC-06 Least Privilege Protects T1210 Exploitation of Remote Services
AC-16 Security and Privacy Attributes Protects T1213 Data from Information Repositories
AC-17 Remote Access Protects T1213 Data from Information Repositories
AC-02 Account Management Protects T1213 Data from Information Repositories
AC-21 Information Sharing Protects T1213 Data from Information Repositories
AC-23 Data Mining Protection Protects T1213 Data from Information Repositories
AC-03 Access Enforcement Protects T1213 Data from Information Repositories
AC-04 Information Flow Enforcement Protects T1213 Data from Information Repositories
AC-05 Separation of Duties Protects T1213 Data from Information Repositories
AC-06 Least Privilege Protects T1213 Data from Information Repositories
AC-16 Security and Privacy Attributes Protects T1213.001 Confluence
AC-17 Remote Access Protects T1213.001 Confluence
AC-02 Account Management Protects T1213.001 Confluence
AC-21 Information Sharing Protects T1213.001 Confluence
AC-23 Data Mining Protection Protects T1213.001 Confluence
AC-03 Access Enforcement Protects T1213.001 Confluence
AC-04 Information Flow Enforcement Protects T1213.001 Confluence
AC-05 Separation of Duties Protects T1213.001 Confluence
AC-06 Least Privilege Protects T1213.001 Confluence
AC-16 Security and Privacy Attributes Protects T1213.002 Sharepoint
AC-17 Remote Access Protects T1213.002 Sharepoint
AC-02 Account Management Protects T1213.002 Sharepoint
AC-21 Information Sharing Protects T1213.002 Sharepoint
AC-23 Data Mining Protection Protects T1213.002 Sharepoint
AC-03 Access Enforcement Protects T1213.002 Sharepoint
AC-04 Information Flow Enforcement Protects T1213.002 Sharepoint
AC-05 Separation of Duties Protects T1213.002 Sharepoint
AC-06 Least Privilege Protects T1213.002 Sharepoint
AC-02 Account Management Protects T1213.003 Code Repositories
AC-03 Access Enforcement Protects T1213.003 Code Repositories
AC-05 Separation of Duties Protects T1213.003 Code Repositories
AC-06 Least Privilege Protects T1213.003 Code Repositories
AC-02 Account Management Protects T1218 System Binary Proxy Execution
AC-06 Least Privilege Protects T1218 System Binary Proxy Execution
AC-03 Access Enforcement Protects T1218 System Binary Proxy Execution
AC-05 Separation of Duties Protects T1218 System Binary Proxy Execution
AC-03 Access Enforcement Protects T1218.002 Control Panel
AC-02 Account Management Protects T1218.007 Msiexec
AC-03 Access Enforcement Protects T1218.007 Msiexec
AC-05 Separation of Duties Protects T1218.007 Msiexec
AC-06 Least Privilege Protects T1218.007 Msiexec
AC-03 Access Enforcement Protects T1218.012 Verclsid
AC-04 Information Flow Enforcement Protects T1218.012 Verclsid
AC-16 Security and Privacy Attributes Protects T1222 File and Directory Permissions Modification
AC-02 Account Management Protects T1222 File and Directory Permissions Modification
AC-03 Access Enforcement Protects T1222 File and Directory Permissions Modification
AC-05 Separation of Duties Protects T1222 File and Directory Permissions Modification
AC-06 Least Privilege Protects T1222 File and Directory Permissions Modification
AC-16 Security and Privacy Attributes Protects T1222.001 Windows File and Directory Permissions Modification
AC-02 Account Management Protects T1222.001 Windows File and Directory Permissions Modification
AC-03 Access Enforcement Protects T1222.001 Windows File and Directory Permissions Modification
AC-05 Separation of Duties Protects T1222.001 Windows File and Directory Permissions Modification
AC-06 Least Privilege Protects T1222.001 Windows File and Directory Permissions Modification
AC-16 Security and Privacy Attributes Protects T1222.002 Linux and Mac File and Directory Permissions Modification
AC-02 Account Management Protects T1222.002 Linux and Mac File and Directory Permissions Modification
AC-03 Access Enforcement Protects T1222.002 Linux and Mac File and Directory Permissions Modification
AC-05 Separation of Duties Protects T1222.002 Linux and Mac File and Directory Permissions Modification
AC-06 Least Privilege Protects T1222.002 Linux and Mac File and Directory Permissions Modification
AC-04 Information Flow Enforcement Protects T1482 Domain Trust Discovery
AC-02 Account Management Protects T1484 Domain Policy Modification
AC-03 Access Enforcement Protects T1484 Domain Policy Modification
AC-04 Information Flow Enforcement Protects T1484 Domain Policy Modification
AC-05 Separation of Duties Protects T1484 Domain Policy Modification
AC-06 Least Privilege Protects T1484 Domain Policy Modification
AC-03 Access Enforcement Protects T1486 Data Encrypted for Impact
AC-06 Least Privilege Protects T1486 Data Encrypted for Impact
AC-02 Account Management Protects T1489 Service Stop
AC-03 Access Enforcement Protects T1489 Service Stop
AC-04 Information Flow Enforcement Protects T1489 Service Stop
AC-05 Separation of Duties Protects T1489 Service Stop
AC-06 Least Privilege Protects T1489 Service Stop
AC-03 Access Enforcement Protects T1491 Defacement
AC-06 Least Privilege Protects T1491 Defacement
AC-03 Access Enforcement Protects T1491.001 Internal Defacement
AC-06 Least Privilege Protects T1491.001 Internal Defacement
AC-03 Access Enforcement Protects T1491.002 External Defacement
AC-06 Least Privilege Protects T1491.002 External Defacement
AC-02 Account Management Protects T1495 Firmware Corruption
AC-03 Access Enforcement Protects T1495 Firmware Corruption
AC-05 Separation of Duties Protects T1495 Firmware Corruption
AC-06 Least Privilege Protects T1495 Firmware Corruption
AC-03 Access Enforcement Protects T1498 Network Denial of Service
AC-04 Information Flow Enforcement Protects T1498 Network Denial of Service
AC-03 Access Enforcement Protects T1498.001 Direct Network Flood
AC-04 Information Flow Enforcement Protects T1498.001 Direct Network Flood
AC-03 Access Enforcement Protects T1498.002 Reflection Amplification
AC-04 Information Flow Enforcement Protects T1498.002 Reflection Amplification
AC-03 Access Enforcement Protects T1499.003 Application Exhaustion Flood
AC-04 Information Flow Enforcement Protects T1499.003 Application Exhaustion Flood
AC-03 Access Enforcement Protects T1499.004 Application or System Exploitation
AC-04 Information Flow Enforcement Protects T1499.004 Application or System Exploitation
AC-16 Security and Privacy Attributes Protects T1505 Server Software Component
AC-02 Account Management Protects T1505 Server Software Component
AC-03 Access Enforcement Protects T1505 Server Software Component
AC-05 Separation of Duties Protects T1505 Server Software Component
AC-06 Least Privilege Protects T1505 Server Software Component
AC-16 Security and Privacy Attributes Protects T1505.002 Transport Agent
AC-02 Account Management Protects T1505.002 Transport Agent
AC-03 Access Enforcement Protects T1505.002 Transport Agent
AC-05 Separation of Duties Protects T1505.002 Transport Agent
AC-06 Least Privilege Protects T1505.002 Transport Agent
AC-02 Account Management Protects T1505.003 Web Shell
AC-03 Access Enforcement Protects T1505.003 Web Shell
AC-05 Separation of Duties Protects T1505.003 Web Shell
AC-06 Least Privilege Protects T1505.003 Web Shell
AC-17 Remote Access Protects T1505.004 IIS Components
AC-03 Access Enforcement Protects T1505.004 IIS Components
AC-04 Information Flow Enforcement Protects T1505.004 IIS Components
AC-06 Least Privilege Protects T1505.004 IIS Components
AC-12 Session Termination Protects T1505.005 Terminal Services DLL
AC-17 Remote Access Protects T1505.005 Terminal Services DLL
AC-02 Account Management Protects T1505.005 Terminal Services DLL
AC-20 Use of External Systems Protects T1505.005 Terminal Services DLL
AC-03 Access Enforcement Protects T1505.005 Terminal Services DLL
AC-05 Separation of Duties Protects T1505.005 Terminal Services DLL
AC-06 Least Privilege Protects T1505.005 Terminal Services DLL
AC-02 Account Management Protects T1525 Implant Internal Image
AC-03 Access Enforcement Protects T1525 Implant Internal Image
AC-05 Separation of Duties Protects T1525 Implant Internal Image
AC-06 Least Privilege Protects T1525 Implant Internal Image
AC-10 Concurrent Session Control Protects T1528 Steal Application Access Token
AC-02 Account Management Protects T1528 Steal Application Access Token
AC-03 Access Enforcement Protects T1528 Steal Application Access Token
AC-04 Information Flow Enforcement Protects T1528 Steal Application Access Token
AC-05 Separation of Duties Protects T1528 Steal Application Access Token
AC-06 Least Privilege Protects T1528 Steal Application Access Token
AC-16 Security and Privacy Attributes Protects T1537 Transfer Data to Cloud Account
AC-17 Remote Access Protects T1537 Transfer Data to Cloud Account
AC-02 Account Management Protects T1537 Transfer Data to Cloud Account
AC-20 Use of External Systems Protects T1537 Transfer Data to Cloud Account
AC-03 Access Enforcement Protects T1537 Transfer Data to Cloud Account
AC-04 Information Flow Enforcement Protects T1537 Transfer Data to Cloud Account
AC-05 Separation of Duties Protects T1537 Transfer Data to Cloud Account
AC-06 Least Privilege Protects T1537 Transfer Data to Cloud Account
AC-02 Account Management Protects T1538 Cloud Service Dashboard
AC-03 Access Enforcement Protects T1538 Cloud Service Dashboard
AC-05 Separation of Duties Protects T1538 Cloud Service Dashboard
AC-06 Least Privilege Protects T1538 Cloud Service Dashboard
AC-02 Account Management Protects T1542 Pre-OS Boot
AC-03 Access Enforcement Protects T1542 Pre-OS Boot
AC-05 Separation of Duties Protects T1542 Pre-OS Boot
AC-06 Least Privilege Protects T1542 Pre-OS Boot
AC-03 Access Enforcement Protects T1542.004 ROMMONkit
AC-06 Least Privilege Protects T1542.004 ROMMONkit
AC-02 Account Management Protects T1542.005 TFTP Boot
AC-03 Access Enforcement Protects T1542.005 TFTP Boot
AC-05 Separation of Duties Protects T1542.005 TFTP Boot
AC-06 Least Privilege Protects T1542.005 TFTP Boot
AC-17 Remote Access Protects T1543 Create or Modify System Process
AC-02 Account Management Protects T1543 Create or Modify System Process
AC-03 Access Enforcement Protects T1543 Create or Modify System Process
AC-05 Separation of Duties Protects T1543 Create or Modify System Process
AC-06 Least Privilege Protects T1543 Create or Modify System Process
AC-02 Account Management Protects T1543.001 Launch Agent
AC-03 Access Enforcement Protects T1543.001 Launch Agent
AC-05 Separation of Duties Protects T1543.001 Launch Agent
AC-06 Least Privilege Protects T1543.001 Launch Agent
AC-02 Account Management Protects T1543.004 Launch Daemon
AC-03 Access Enforcement Protects T1543.004 Launch Daemon
AC-05 Separation of Duties Protects T1543.004 Launch Daemon
AC-06 Least Privilege Protects T1543.004 Launch Daemon
AC-02 Account Management Protects T1546.003 Windows Management Instrumentation Event Subscription
AC-03 Access Enforcement Protects T1546.003 Windows Management Instrumentation Event Subscription
AC-05 Separation of Duties Protects T1546.003 Windows Management Instrumentation Event Subscription
AC-06 Least Privilege Protects T1546.003 Windows Management Instrumentation Event Subscription
AC-03 Access Enforcement Protects T1546.004 Unix Shell Configuration Modification
AC-06 Least Privilege Protects T1546.004 Unix Shell Configuration Modification
AC-06 Least Privilege Protects T1546.011 Application Shimming
AC-03 Access Enforcement Protects T1546.013 PowerShell Profile
AC-06 Least Privilege Protects T1546.013 PowerShell Profile
AC-06 Least Privilege Protects T1546.016 Installer Packages
AC-17 Remote Access Protects T1547.003 Time Providers
AC-03 Access Enforcement Protects T1547.003 Time Providers
AC-04 Information Flow Enforcement Protects T1547.003 Time Providers
AC-06 Least Privilege Protects T1547.003 Time Providers
AC-17 Remote Access Protects T1547.004 Winlogon Helper DLL
AC-02 Account Management Protects T1547.004 Winlogon Helper DLL
AC-03 Access Enforcement Protects T1547.004 Winlogon Helper DLL
AC-05 Separation of Duties Protects T1547.004 Winlogon Helper DLL
AC-06 Least Privilege Protects T1547.004 Winlogon Helper DLL
AC-02 Account Management Protects T1547.006 Kernel Modules and Extensions
AC-03 Access Enforcement Protects T1547.006 Kernel Modules and Extensions
AC-05 Separation of Duties Protects T1547.006 Kernel Modules and Extensions
AC-06 Least Privilege Protects T1547.006 Kernel Modules and Extensions
AC-16 Security and Privacy Attributes Protects T1547.007 Re-opened Applications
AC-03 Access Enforcement Protects T1547.007 Re-opened Applications
AC-17 Remote Access Protects T1547.009 Shortcut Modification
AC-02 Account Management Protects T1547.009 Shortcut Modification
AC-03 Access Enforcement Protects T1547.009 Shortcut Modification
AC-05 Separation of Duties Protects T1547.009 Shortcut Modification
AC-06 Least Privilege Protects T1547.009 Shortcut Modification
AC-02 Account Management Protects T1548.002 Bypass User Account Control
AC-03 Access Enforcement Protects T1548.002 Bypass User Account Control
AC-05 Separation of Duties Protects T1548.002 Bypass User Account Control
AC-06 Least Privilege Protects T1548.002 Bypass User Account Control
AC-16 Security and Privacy Attributes Protects T1548.003 Sudo and Sudo Caching
AC-02 Account Management Protects T1548.003 Sudo and Sudo Caching
AC-03 Access Enforcement Protects T1548.003 Sudo and Sudo Caching
AC-05 Separation of Duties Protects T1548.003 Sudo and Sudo Caching
AC-06 Least Privilege Protects T1548.003 Sudo and Sudo Caching
AC-02 Account Management Protects T1550 Use Alternate Authentication Material
AC-03 Access Enforcement Protects T1550 Use Alternate Authentication Material
AC-05 Separation of Duties Protects T1550 Use Alternate Authentication Material
AC-06 Least Privilege Protects T1550 Use Alternate Authentication Material
AC-02 Account Management Protects T1550.002 Pass the Hash
AC-03 Access Enforcement Protects T1550.002 Pass the Hash
AC-05 Separation of Duties Protects T1550.002 Pass the Hash
AC-06 Least Privilege Protects T1550.002 Pass the Hash
AC-02 Account Management Protects T1550.003 Pass the Ticket
AC-03 Access Enforcement Protects T1550.003 Pass the Ticket
AC-05 Separation of Duties Protects T1550.003 Pass the Ticket
AC-06 Least Privilege Protects T1550.003 Pass the Ticket
AC-02 Account Management Protects T1552.006 Group Policy Preferences
AC-05 Separation of Duties Protects T1552.006 Group Policy Preferences
AC-06 Least Privilege Protects T1552.006 Group Policy Preferences
AC-17 Remote Access Protects T1552.007 Container API
AC-02 Account Management Protects T1552.007 Container API
AC-23 Data Mining Protection Protects T1552.007 Container API
AC-03 Access Enforcement Protects T1552.007 Container API
AC-04 Information Flow Enforcement Protects T1552.007 Container API
AC-05 Separation of Duties Protects T1552.007 Container API
AC-06 Least Privilege Protects T1552.007 Container API
AC-06 Least Privilege Protects T1553 Subvert Trust Controls
AC-03 Access Enforcement Protects T1553.003 SIP and Trust Provider Hijacking
AC-06 Least Privilege Protects T1553.003 SIP and Trust Provider Hijacking
AC-06 Least Privilege Protects T1553.006 Code Signing Policy Modification
AC-02 Account Management Protects T1556.001 Domain Controller Authentication
AC-20 Use of External Systems Protects T1556.001 Domain Controller Authentication
AC-03 Access Enforcement Protects T1556.001 Domain Controller Authentication
AC-05 Separation of Duties Protects T1556.001 Domain Controller Authentication
AC-06 Least Privilege Protects T1556.001 Domain Controller Authentication
AC-07 Unsuccessful Logon Attempts Protects T1556.001 Domain Controller Authentication
AC-02 Account Management Protects T1556.003 Pluggable Authentication Modules
AC-20 Use of External Systems Protects T1556.003 Pluggable Authentication Modules
AC-03 Access Enforcement Protects T1556.003 Pluggable Authentication Modules
AC-05 Separation of Duties Protects T1556.003 Pluggable Authentication Modules
AC-06 Least Privilege Protects T1556.003 Pluggable Authentication Modules
AC-07 Unsuccessful Logon Attempts Protects T1556.003 Pluggable Authentication Modules
AC-02 Account Management Protects T1556.004 Network Device Authentication
AC-20 Use of External Systems Protects T1556.004 Network Device Authentication
AC-03 Access Enforcement Protects T1556.004 Network Device Authentication
AC-05 Separation of Duties Protects T1556.004 Network Device Authentication
AC-06 Least Privilege Protects T1556.004 Network Device Authentication
AC-07 Unsuccessful Logon Attempts Protects T1556.004 Network Device Authentication
AC-02 Account Management Protects T1556.005 Reversible Encryption
AC-05 Separation of Duties Protects T1556.005 Reversible Encryption
AC-06 Least Privilege Protects T1556.005 Reversible Encryption
AC-02 Account Management Protects T1556.006 Multi-Factor Authentication
AC-03 Access Enforcement Protects T1556.006 Multi-Factor Authentication
AC-06 Least Privilege Protects T1556.006 Multi-Factor Authentication
AC-02 Account Management Protects T1556.007 Hybrid Identity
AC-03 Access Enforcement Protects T1556.007 Hybrid Identity
AC-06 Least Privilege Protects T1556.007 Hybrid Identity
AC-03 Access Enforcement Protects T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay
AC-04 Information Flow Enforcement Protects T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay
AC-16 Security and Privacy Attributes Protects T1557.002 ARP Cache Poisoning
AC-17 Remote Access Protects T1557.002 ARP Cache Poisoning
AC-18 Wireless Access Protects T1557.002 ARP Cache Poisoning
AC-19 Access Control for Mobile Devices Protects T1557.002 ARP Cache Poisoning
AC-20 Use of External Systems Protects T1557.002 ARP Cache Poisoning
AC-03 Access Enforcement Protects T1557.002 ARP Cache Poisoning
AC-04 Information Flow Enforcement Protects T1557.002 ARP Cache Poisoning
AC-03 Access Enforcement Protects T1557.003 DHCP Spoofing
AC-04 Information Flow Enforcement Protects T1557.003 DHCP Spoofing
AC-16 Security and Privacy Attributes Protects T1558 Steal or Forge Kerberos Tickets
AC-17 Remote Access Protects T1558 Steal or Forge Kerberos Tickets
AC-18 Wireless Access Protects T1558 Steal or Forge Kerberos Tickets
AC-19 Access Control for Mobile Devices Protects T1558 Steal or Forge Kerberos Tickets
AC-02 Account Management Protects T1558 Steal or Forge Kerberos Tickets
AC-03 Access Enforcement Protects T1558 Steal or Forge Kerberos Tickets
AC-05 Separation of Duties Protects T1558 Steal or Forge Kerberos Tickets
AC-06 Least Privilege Protects T1558 Steal or Forge Kerberos Tickets
AC-02 Account Management Protects T1558.001 Golden Ticket
AC-03 Access Enforcement Protects T1558.001 Golden Ticket
AC-05 Separation of Duties Protects T1558.001 Golden Ticket
AC-06 Least Privilege Protects T1558.001 Golden Ticket
AC-16 Security and Privacy Attributes Protects T1558.002 Silver Ticket
AC-17 Remote Access Protects T1558.002 Silver Ticket
AC-18 Wireless Access Protects T1558.002 Silver Ticket
AC-19 Access Control for Mobile Devices Protects T1558.002 Silver Ticket
AC-02 Account Management Protects T1558.002 Silver Ticket
AC-03 Access Enforcement Protects T1558.002 Silver Ticket
AC-05 Separation of Duties Protects T1558.002 Silver Ticket
AC-06 Least Privilege Protects T1558.002 Silver Ticket
AC-16 Security and Privacy Attributes Protects T1558.003 Kerberoasting
AC-17 Remote Access Protects T1558.003 Kerberoasting
AC-18 Wireless Access Protects T1558.003 Kerberoasting
AC-19 Access Control for Mobile Devices Protects T1558.003 Kerberoasting
AC-02 Account Management Protects T1558.003 Kerberoasting
AC-03 Access Enforcement Protects T1558.003 Kerberoasting
AC-05 Separation of Duties Protects T1558.003 Kerberoasting
AC-06 Least Privilege Protects T1558.003 Kerberoasting
AC-16 Security and Privacy Attributes Protects T1558.004 AS-REP Roasting
AC-17 Remote Access Protects T1558.004 AS-REP Roasting
AC-18 Wireless Access Protects T1558.004 AS-REP Roasting
AC-19 Access Control for Mobile Devices Protects T1558.004 AS-REP Roasting
AC-02 Account Management Protects T1558.004 AS-REP Roasting
AC-03 Access Enforcement Protects T1558.004 AS-REP Roasting
AC-02 Account Management Protects T1559 Inter-Process Communication
AC-03 Access Enforcement Protects T1559 Inter-Process Communication
AC-04 Information Flow Enforcement Protects T1559 Inter-Process Communication
AC-05 Separation of Duties Protects T1559 Inter-Process Communication
AC-06 Least Privilege Protects T1559 Inter-Process Communication
AC-02 Account Management Protects T1559.001 Component Object Model
AC-03 Access Enforcement Protects T1559.001 Component Object Model
AC-04 Information Flow Enforcement Protects T1559.001 Component Object Model
AC-05 Separation of Duties Protects T1559.001 Component Object Model
AC-06 Least Privilege Protects T1559.001 Component Object Model
AC-04 Information Flow Enforcement Protects T1559.002 Dynamic Data Exchange
AC-06 Least Privilege Protects T1559.002 Dynamic Data Exchange
AC-02 Account Management Protects T1562.009 Safe Mode Boot
AC-03 Access Enforcement Protects T1562.009 Safe Mode Boot
AC-05 Separation of Duties Protects T1562.009 Safe Mode Boot
AC-06 Least Privilege Protects T1562.009 Safe Mode Boot
AC-17 Remote Access Protects T1563 Remote Service Session Hijacking
AC-02 Account Management Protects T1563 Remote Service Session Hijacking
AC-03 Access Enforcement Protects T1563 Remote Service Session Hijacking
AC-04 Information Flow Enforcement Protects T1563 Remote Service Session Hijacking
AC-05 Separation of Duties Protects T1563 Remote Service Session Hijacking
AC-06 Least Privilege Protects T1563 Remote Service Session Hijacking
AC-17 Remote Access Protects T1563.001 SSH Hijacking
AC-02 Account Management Protects T1563.001 SSH Hijacking
AC-03 Access Enforcement Protects T1563.001 SSH Hijacking
AC-05 Separation of Duties Protects T1563.001 SSH Hijacking
AC-06 Least Privilege Protects T1563.001 SSH Hijacking
AC-11 Device Lock Protects T1563.002 RDP Hijacking
AC-12 Session Termination Protects T1563.002 RDP Hijacking
AC-17 Remote Access Protects T1563.002 RDP Hijacking
AC-02 Account Management Protects T1563.002 RDP Hijacking
AC-03 Access Enforcement Protects T1563.002 RDP Hijacking
AC-04 Information Flow Enforcement Protects T1563.002 RDP Hijacking
AC-05 Separation of Duties Protects T1563.002 RDP Hijacking
AC-06 Least Privilege Protects T1563.002 RDP Hijacking
AC-16 Security and Privacy Attributes Protects T1564.004 NTFS File Attributes
AC-03 Access Enforcement Protects T1564.004 NTFS File Attributes
AC-16 Security and Privacy Attributes Protects T1565 Data Manipulation
AC-17 Remote Access Protects T1565 Data Manipulation
AC-18 Wireless Access Protects T1565 Data Manipulation
AC-19 Access Control for Mobile Devices Protects T1565 Data Manipulation
AC-20 Use of External Systems Protects T1565 Data Manipulation
AC-03 Access Enforcement Protects T1565 Data Manipulation
AC-04 Information Flow Enforcement Protects T1565 Data Manipulation
AC-16 Security and Privacy Attributes Protects T1565.001 Stored Data Manipulation
AC-17 Remote Access Protects T1565.001 Stored Data Manipulation
AC-18 Wireless Access Protects T1565.001 Stored Data Manipulation
AC-19 Access Control for Mobile Devices Protects T1565.001 Stored Data Manipulation
AC-20 Use of External Systems Protects T1565.001 Stored Data Manipulation
AC-03 Access Enforcement Protects T1565.001 Stored Data Manipulation
AC-16 Security and Privacy Attributes Protects T1565.002 Transmitted Data Manipulation
AC-17 Remote Access Protects T1565.002 Transmitted Data Manipulation
AC-18 Wireless Access Protects T1565.002 Transmitted Data Manipulation
AC-19 Access Control for Mobile Devices Protects T1565.002 Transmitted Data Manipulation
AC-20 Use of External Systems Protects T1565.002 Transmitted Data Manipulation
AC-03 Access Enforcement Protects T1565.003 Runtime Data Manipulation
AC-04 Information Flow Enforcement Protects T1565.003 Runtime Data Manipulation
AC-04 Information Flow Enforcement Protects T1566.001 Spearphishing Attachment
AC-04 Information Flow Enforcement Protects T1566.003 Spearphishing via Service
AC-20 Use of External Systems Protects T1567.001 Exfiltration to Code Repository
AC-04 Information Flow Enforcement Protects T1567.001 Exfiltration to Code Repository
AC-20 Use of External Systems Protects T1567.002 Exfiltration to Cloud Storage
AC-04 Information Flow Enforcement Protects T1567.002 Exfiltration to Cloud Storage
AC-04 Information Flow Enforcement Protects T1568 Dynamic Resolution
AC-04 Information Flow Enforcement Protects T1568.002 Domain Generation Algorithms
AC-02 Account Management Protects T1569 System Services
AC-03 Access Enforcement Protects T1569 System Services
AC-05 Separation of Duties Protects T1569 System Services
AC-06 Least Privilege Protects T1569 System Services
AC-02 Account Management Protects T1569.001 Launchctl
AC-03 Access Enforcement Protects T1569.001 Launchctl
AC-05 Separation of Duties Protects T1569.001 Launchctl
AC-06 Least Privilege Protects T1569.001 Launchctl
AC-03 Access Enforcement Protects T1572 Protocol Tunneling
AC-04 Information Flow Enforcement Protects T1572 Protocol Tunneling
AC-04 Information Flow Enforcement Protects T1573 Encrypted Channel
AC-04 Information Flow Enforcement Protects T1573.001 Symmetric Cryptography
AC-04 Information Flow Enforcement Protects T1573.002 Asymmetric Cryptography
AC-02 Account Management Protects T1574 Hijack Execution Flow
AC-03 Access Enforcement Protects T1574 Hijack Execution Flow
AC-04 Information Flow Enforcement Protects T1574 Hijack Execution Flow
AC-05 Separation of Duties Protects T1574 Hijack Execution Flow
AC-06 Least Privilege Protects T1574 Hijack Execution Flow
AC-02 Account Management Protects T1574.004 Dylib Hijacking
AC-03 Access Enforcement Protects T1574.004 Dylib Hijacking
AC-04 Information Flow Enforcement Protects T1574.004 Dylib Hijacking
AC-05 Separation of Duties Protects T1574.004 Dylib Hijacking
AC-06 Least Privilege Protects T1574.004 Dylib Hijacking
AC-02 Account Management Protects T1574.005 Executable Installer File Permissions Weakness
AC-03 Access Enforcement Protects T1574.005 Executable Installer File Permissions Weakness
AC-04 Information Flow Enforcement Protects T1574.005 Executable Installer File Permissions Weakness
AC-05 Separation of Duties Protects T1574.005 Executable Installer File Permissions Weakness
AC-06 Least Privilege Protects T1574.005 Executable Installer File Permissions Weakness
AC-02 Account Management Protects T1574.008 Path Interception by Search Order Hijacking
AC-03 Access Enforcement Protects T1574.008 Path Interception by Search Order Hijacking
AC-04 Information Flow Enforcement Protects T1574.008 Path Interception by Search Order Hijacking
AC-05 Separation of Duties Protects T1574.008 Path Interception by Search Order Hijacking
AC-06 Least Privilege Protects T1574.008 Path Interception by Search Order Hijacking
AC-02 Account Management Protects T1574.009 Path Interception by Unquoted Path
AC-03 Access Enforcement Protects T1574.009 Path Interception by Unquoted Path
AC-04 Information Flow Enforcement Protects T1574.009 Path Interception by Unquoted Path
AC-05 Separation of Duties Protects T1574.009 Path Interception by Unquoted Path
AC-06 Least Privilege Protects T1574.009 Path Interception by Unquoted Path
AC-02 Account Management Protects T1574.010 Services File Permissions Weakness
AC-03 Access Enforcement Protects T1574.010 Services File Permissions Weakness
AC-04 Information Flow Enforcement Protects T1574.010 Services File Permissions Weakness
AC-05 Separation of Duties Protects T1574.010 Services File Permissions Weakness
AC-06 Least Privilege Protects T1574.010 Services File Permissions Weakness
AC-06 Least Privilege Protects T1574.011 Services Registry Permissions Weakness
AC-02 Account Management Protects T1574.012 COR_PROFILER
AC-03 Access Enforcement Protects T1574.012 COR_PROFILER
AC-05 Separation of Duties Protects T1574.012 COR_PROFILER
AC-06 Least Privilege Protects T1574.012 COR_PROFILER
AC-02 Account Management Protects T1578.001 Create Snapshot
AC-03 Access Enforcement Protects T1578.001 Create Snapshot
AC-05 Separation of Duties Protects T1578.001 Create Snapshot
AC-06 Least Privilege Protects T1578.001 Create Snapshot
AC-02 Account Management Protects T1578.002 Create Cloud Instance
AC-03 Access Enforcement Protects T1578.002 Create Cloud Instance
AC-05 Separation of Duties Protects T1578.002 Create Cloud Instance
AC-06 Least Privilege Protects T1578.002 Create Cloud Instance
AC-02 Account Management Protects T1578.003 Delete Cloud Instance
AC-03 Access Enforcement Protects T1578.003 Delete Cloud Instance
AC-05 Separation of Duties Protects T1578.003 Delete Cloud Instance
AC-06 Least Privilege Protects T1578.003 Delete Cloud Instance
AC-02 Account Management Protects T1580 Cloud Infrastructure Discovery
AC-03 Access Enforcement Protects T1580 Cloud Infrastructure Discovery
AC-05 Separation of Duties Protects T1580 Cloud Infrastructure Discovery
AC-06 Least Privilege Protects T1580 Cloud Infrastructure Discovery
AC-20 Use of External Systems Protects T1583.007 Serverless
AC-20 Use of External Systems Protects T1584.004 Server
AC-02 Account Management Protects T1585.003 Cloud Accounts
AC-02 Account Management Protects T1586.003 Cloud Accounts
AC-04 Information Flow Enforcement Protects T1598.001 Spearphishing Service
AC-04 Information Flow Enforcement Protects T1598.002 Spearphishing Attachment
AC-02 Account Management Protects T1599 Network Boundary Bridging
AC-03 Access Enforcement Protects T1599 Network Boundary Bridging
AC-04 Information Flow Enforcement Protects T1599 Network Boundary Bridging
AC-05 Separation of Duties Protects T1599 Network Boundary Bridging
AC-06 Least Privilege Protects T1599 Network Boundary Bridging
AC-02 Account Management Protects T1599.001 Network Address Translation Traversal
AC-03 Access Enforcement Protects T1599.001 Network Address Translation Traversal
AC-04 Information Flow Enforcement Protects T1599.001 Network Address Translation Traversal
AC-05 Separation of Duties Protects T1599.001 Network Address Translation Traversal
AC-06 Least Privilege Protects T1599.001 Network Address Translation Traversal
AC-02 Account Management Protects T1601 Modify System Image
AC-03 Access Enforcement Protects T1601 Modify System Image
AC-04 Information Flow Enforcement Protects T1601 Modify System Image
AC-05 Separation of Duties Protects T1601 Modify System Image
AC-06 Least Privilege Protects T1601 Modify System Image
AC-02 Account Management Protects T1601.001 Patch System Image
AC-03 Access Enforcement Protects T1601.001 Patch System Image
AC-04 Information Flow Enforcement Protects T1601.001 Patch System Image
AC-05 Separation of Duties Protects T1601.001 Patch System Image
AC-06 Least Privilege Protects T1601.001 Patch System Image
AC-02 Account Management Protects T1601.002 Downgrade System Image
AC-03 Access Enforcement Protects T1601.002 Downgrade System Image
AC-04 Information Flow Enforcement Protects T1601.002 Downgrade System Image
AC-05 Separation of Duties Protects T1601.002 Downgrade System Image
AC-06 Least Privilege Protects T1601.002 Downgrade System Image
AC-16 Security and Privacy Attributes Protects T1602 Data from Configuration Repository
AC-17 Remote Access Protects T1602 Data from Configuration Repository
AC-18 Wireless Access Protects T1602 Data from Configuration Repository
AC-19 Access Control for Mobile Devices Protects T1602 Data from Configuration Repository
AC-20 Use of External Systems Protects T1602 Data from Configuration Repository
AC-03 Access Enforcement Protects T1602 Data from Configuration Repository
AC-04 Information Flow Enforcement Protects T1602 Data from Configuration Repository
AC-16 Security and Privacy Attributes Protects T1602.001 SNMP (MIB Dump)
AC-17 Remote Access Protects T1602.001 SNMP (MIB Dump)
AC-18 Wireless Access Protects T1602.001 SNMP (MIB Dump)
AC-19 Access Control for Mobile Devices Protects T1602.001 SNMP (MIB Dump)
AC-20 Use of External Systems Protects T1602.001 SNMP (MIB Dump)
AC-03 Access Enforcement Protects T1602.001 SNMP (MIB Dump)
AC-04 Information Flow Enforcement Protects T1602.001 SNMP (MIB Dump)
AC-16 Security and Privacy Attributes Protects T1602.002 Network Device Configuration Dump
AC-17 Remote Access Protects T1602.002 Network Device Configuration Dump
AC-18 Wireless Access Protects T1602.002 Network Device Configuration Dump
AC-19 Access Control for Mobile Devices Protects T1602.002 Network Device Configuration Dump
AC-20 Use of External Systems Protects T1602.002 Network Device Configuration Dump
AC-03 Access Enforcement Protects T1602.002 Network Device Configuration Dump
AC-04 Information Flow Enforcement Protects T1602.002 Network Device Configuration Dump
AC-02 Account Management Protects T1606.001 Web Cookies
AC-03 Access Enforcement Protects T1606.001 Web Cookies
AC-06 Least Privilege Protects T1606.001 Web Cookies
AC-02 Account Management Protects T1606.002 SAML Tokens
AC-03 Access Enforcement Protects T1606.002 SAML Tokens
AC-06 Least Privilege Protects T1606.002 SAML Tokens
AC-17 Remote Access Protects T1610 Deploy Container
AC-02 Account Management Protects T1610 Deploy Container
AC-03 Access Enforcement Protects T1610 Deploy Container
AC-06 Least Privilege Protects T1610 Deploy Container
AC-17 Remote Access Protects T1613 Container and Resource Discovery
AC-02 Account Management Protects T1613 Container and Resource Discovery
AC-03 Access Enforcement Protects T1613 Container and Resource Discovery
AC-06 Least Privilege Protects T1613 Container and Resource Discovery
AC-17 Remote Access Protects T1619 Cloud Storage Object Discovery
AC-02 Account Management Protects T1619 Cloud Storage Object Discovery
AC-03 Access Enforcement Protects T1619 Cloud Storage Object Discovery
AC-05 Separation of Duties Protects T1619 Cloud Storage Object Discovery
AC-06 Least Privilege Protects T1619 Cloud Storage Object Discovery
AC-03 Access Enforcement Protects T1622 Debugger Evasion
AC-04 Information Flow Enforcement Protects T1622 Debugger Evasion
AC-16 Security and Privacy Attributes Protects T1647 Plist File Modification
AC-17 Remote Access Protects T1647 Plist File Modification
AC-03 Access Enforcement Protects T1647 Plist File Modification
AC-06 Least Privilege Protects T1647 Plist File Modification
AC-02 Account Management Protects T1648 Serverless Execution
AC-03 Access Enforcement Protects T1648 Serverless Execution
AC-06 Least Privilege Protects T1648 Serverless Execution
AC-02 Account Management Protects T1654 Log Enumeration
AC-02 Account Management Protects T1621 Multi-Factor Authentication Request Generation
AC-06 Least Privilege Protects T1621 Multi-Factor Authentication Request Generation
AC-17 Remote Access Protects T1612 Build Image on Host
AC-02 Account Management Protects T1612 Build Image on Host
AC-03 Access Enforcement Protects T1612 Build Image on Host
AC-06 Least Privilege Protects T1612 Build Image on Host
AC-02 Account Management Protects T1606 Forge Web Credentials
AC-03 Access Enforcement Protects T1606 Forge Web Credentials
AC-05 Separation of Duties Protects T1606 Forge Web Credentials
AC-06 Least Privilege Protects T1606 Forge Web Credentials
AC-04 Information Flow Enforcement Protects T1598.003 Spearphishing Link
AC-04 Information Flow Enforcement Protects T1598 Phishing for Information
AC-02 Account Management Protects T1574.007 Path Interception by PATH Environment Variable
AC-03 Access Enforcement Protects T1574.007 Path Interception by PATH Environment Variable
AC-04 Information Flow Enforcement Protects T1574.007 Path Interception by PATH Environment Variable
AC-05 Separation of Duties Protects T1574.007 Path Interception by PATH Environment Variable
AC-06 Least Privilege Protects T1574.007 Path Interception by PATH Environment Variable
AC-04 Information Flow Enforcement Protects T1571 Non-Standard Port
AC-03 Access Enforcement Protects T1570 Lateral Tool Transfer
AC-04 Information Flow Enforcement Protects T1570 Lateral Tool Transfer
AC-04 Information Flow Enforcement Protects T1566.002 Spearphishing Link
AC-04 Information Flow Enforcement Protects T1566 Phishing
AC-04 Information Flow Enforcement Protects T1564.008 Email Hiding Rules
AC-03 Access Enforcement Protects T1562.008 Disable or Modify Cloud Logs
AC-05 Separation of Duties Protects T1562.008 Disable or Modify Cloud Logs
AC-06 Least Privilege Protects T1562.008 Disable or Modify Cloud Logs
AC-02 Account Management Protects T1562.008 Disable or Modify Cloud Logs
AC-02 Account Management Protects T1562.007 Disable or Modify Cloud Firewall
AC-03 Access Enforcement Protects T1562.007 Disable or Modify Cloud Firewall
AC-05 Separation of Duties Protects T1562.007 Disable or Modify Cloud Firewall
AC-06 Least Privilege Protects T1562.007 Disable or Modify Cloud Firewall
AC-02 Account Management Protects T1562.006 Indicator Blocking
AC-03 Access Enforcement Protects T1562.006 Indicator Blocking
AC-05 Separation of Duties Protects T1562.006 Indicator Blocking
AC-06 Least Privilege Protects T1562.006 Indicator Blocking
AC-02 Account Management Protects T1562.002 Disable Windows Event Logging
AC-03 Access Enforcement Protects T1562.002 Disable Windows Event Logging
AC-05 Separation of Duties Protects T1562.002 Disable Windows Event Logging
AC-06 Least Privilege Protects T1562.002 Disable Windows Event Logging
AC-02 Account Management Protects T1562.001 Disable or Modify Tools
AC-03 Access Enforcement Protects T1562.001 Disable or Modify Tools
AC-05 Separation of Duties Protects T1562.001 Disable or Modify Tools
AC-06 Least Privilege Protects T1562.001 Disable or Modify Tools
AC-03 Access Enforcement Protects T1561.002 Disk Structure Wipe
AC-06 Least Privilege Protects T1561.002 Disk Structure Wipe
AC-03 Access Enforcement Protects T1561.001 Disk Content Wipe
AC-06 Least Privilege Protects T1561.001 Disk Content Wipe
AC-03 Access Enforcement Protects T1561 Disk Wipe
AC-06 Least Privilege Protects T1561 Disk Wipe
AC-16 Security and Privacy Attributes Protects T1557 Adversary-in-the-Middle
AC-17 Remote Access Protects T1557 Adversary-in-the-Middle
AC-18 Wireless Access Protects T1557 Adversary-in-the-Middle
AC-19 Access Control for Mobile Devices Protects T1557 Adversary-in-the-Middle
AC-20 Use of External Systems Protects T1557 Adversary-in-the-Middle
AC-03 Access Enforcement Protects T1557 Adversary-in-the-Middle
AC-04 Information Flow Enforcement Protects T1557 Adversary-in-the-Middle
AC-16 Security and Privacy Attributes Protects T1552.004 Private Keys
AC-17 Remote Access Protects T1552.004 Private Keys
AC-18 Wireless Access Protects T1552.004 Private Keys
AC-19 Access Control for Mobile Devices Protects T1552.004 Private Keys
AC-02 Account Management Protects T1552.004 Private Keys
AC-20 Use of External Systems Protects T1552.004 Private Keys
AC-16 Security and Privacy Attributes Protects T1550.001 Application Access Token
AC-17 Remote Access Protects T1550.001 Application Access Token
AC-19 Access Control for Mobile Devices Protects T1550.001 Application Access Token
AC-20 Use of External Systems Protects T1550.001 Application Access Token
AC-17 Remote Access Protects T1547.013 XDG Autostart Entries
AC-02 Account Management Protects T1547.013 XDG Autostart Entries
AC-03 Access Enforcement Protects T1547.013 XDG Autostart Entries
AC-05 Separation of Duties Protects T1547.013 XDG Autostart Entries
AC-06 Least Privilege Protects T1547.013 XDG Autostart Entries
AC-17 Remote Access Protects T1547.012 Print Processors
AC-02 Account Management Protects T1547.012 Print Processors
AC-03 Access Enforcement Protects T1547.012 Print Processors
AC-05 Separation of Duties Protects T1547.012 Print Processors
AC-06 Least Privilege Protects T1547.012 Print Processors
AC-02 Account Management Protects T1543.002 Systemd Service
AC-03 Access Enforcement Protects T1543.002 Systemd Service
AC-05 Separation of Duties Protects T1543.002 Systemd Service
AC-06 Least Privilege Protects T1543.002 Systemd Service
AC-16 Security and Privacy Attributes Protects T1530 Data from Cloud Storage
AC-17 Remote Access Protects T1530 Data from Cloud Storage
AC-18 Wireless Access Protects T1530 Data from Cloud Storage
AC-19 Access Control for Mobile Devices Protects T1530 Data from Cloud Storage
AC-02 Account Management Protects T1530 Data from Cloud Storage
AC-20 Use of External Systems Protects T1530 Data from Cloud Storage
AC-03 Access Enforcement Protects T1530 Data from Cloud Storage
AC-04 Information Flow Enforcement Protects T1530 Data from Cloud Storage
AC-05 Separation of Duties Protects T1530 Data from Cloud Storage
AC-06 Least Privilege Protects T1530 Data from Cloud Storage
AC-07 Unsuccessful Logon Attempts Protects T1530 Data from Cloud Storage
AC-17 Remote Access Protects T1219 Remote Access Software
AC-03 Access Enforcement Protects T1219 Remote Access Software
AC-04 Information Flow Enforcement Protects T1219 Remote Access Software
AC-04 Information Flow Enforcement Protects T1211 Exploitation for Defense Evasion
AC-06 Least Privilege Protects T1211 Exploitation for Defense Evasion
AC-02 Account Management Protects T1190 Exploit Public-Facing Application
AC-03 Access Enforcement Protects T1190 Exploit Public-Facing Application
AC-04 Information Flow Enforcement Protects T1190 Exploit Public-Facing Application
AC-05 Separation of Duties Protects T1190 Exploit Public-Facing Application
AC-06 Least Privilege Protects T1190 Exploit Public-Facing Application
AC-04 Information Flow Enforcement Protects T1189 Drive-by Compromise
AC-06 Least Privilege Protects T1189 Drive-by Compromise
AC-16 Security and Privacy Attributes Protects T1114.003 Email Forwarding Rule
AC-17 Remote Access Protects T1114.003 Email Forwarding Rule
AC-19 Access Control for Mobile Devices Protects T1114.003 Email Forwarding Rule
AC-20 Use of External Systems Protects T1114.003 Email Forwarding Rule
AC-04 Information Flow Enforcement Protects T1114.003 Email Forwarding Rule
AC-20 Use of External Systems Protects T1111 Multi-Factor Authentication Interception
AC-04 Information Flow Enforcement Protects T1105 Ingress Tool Transfer
AC-02 Account Management Protects T1098.001 Additional Cloud Credentials
AC-20 Use of External Systems Protects T1098.001 Additional Cloud Credentials
AC-03 Access Enforcement Protects T1098.001 Additional Cloud Credentials
AC-04 Information Flow Enforcement Protects T1098.001 Additional Cloud Credentials
AC-05 Separation of Duties Protects T1098.001 Additional Cloud Credentials
AC-06 Least Privilege Protects T1098.001 Additional Cloud Credentials
AC-03 Access Enforcement Protects T1095 Non-Application Layer Protocol
AC-04 Information Flow Enforcement Protects T1095 Non-Application Layer Protocol
AC-02 Account Management Protects T1070.009 Clear Persistence
AC-03 Access Enforcement Protects T1070.009 Clear Persistence
AC-05 Separation of Duties Protects T1070.009 Clear Persistence
AC-06 Least Privilege Protects T1070.009 Clear Persistence
AC-16 Security and Privacy Attributes Protects T1070.001 Clear Windows Event Logs
AC-17 Remote Access Protects T1070.001 Clear Windows Event Logs
AC-18 Wireless Access Protects T1070.001 Clear Windows Event Logs
AC-19 Access Control for Mobile Devices Protects T1070.001 Clear Windows Event Logs
AC-02 Account Management Protects T1070.001 Clear Windows Event Logs
AC-03 Access Enforcement Protects T1070.001 Clear Windows Event Logs
AC-05 Separation of Duties Protects T1070.001 Clear Windows Event Logs
AC-06 Least Privilege Protects T1070.001 Clear Windows Event Logs
AC-03 Access Enforcement Protects T1005 Data from Local System
AC-06 Least Privilege Protects T1005 Data from Local System
AC-17 Remote Access Protects T1552.002 Credentials in Registry
AC-02 Account Management Protects T1552.002 Credentials in Registry
AC-03 Access Enforcement Protects T1552.002 Credentials in Registry
AC-05 Separation of Duties Protects T1552.002 Credentials in Registry
AC-06 Least Privilege Protects T1552.002 Credentials in Registry
AC-02 Account Management Protects T1552.001 Credentials In Files
AC-04 Information Flow Enforcement Protects T1552.001 Credentials In Files
AC-05 Separation of Duties Protects T1552.001 Credentials In Files
AC-06 Least Privilege Protects T1552.001 Credentials In Files
AC-02 Account Management Protects T1542.003 Bootkit
AC-03 Access Enforcement Protects T1542.003 Bootkit
AC-05 Separation of Duties Protects T1542.003 Bootkit
AC-06 Least Privilege Protects T1542.003 Bootkit
AC-03 Access Enforcement Protects T1499.002 Service Exhaustion Flood
AC-04 Information Flow Enforcement Protects T1499.002 Service Exhaustion Flood
AC-03 Access Enforcement Protects T1499.001 OS Exhaustion Flood
AC-04 Information Flow Enforcement Protects T1499.001 OS Exhaustion Flood
AC-03 Access Enforcement Protects T1499 Endpoint Denial of Service
AC-04 Information Flow Enforcement Protects T1499 Endpoint Denial of Service
AC-03 Access Enforcement Protects T1485 Data Destruction
AC-06 Least Privilege Protects T1485 Data Destruction
AC-20 Use of External Systems Protects T1200 Hardware Additions
AC-03 Access Enforcement Protects T1200 Hardware Additions
AC-06 Least Privilege Protects T1200 Hardware Additions
AC-02 Account Management Protects T1197 BITS Jobs
AC-03 Access Enforcement Protects T1197 BITS Jobs
AC-04 Information Flow Enforcement Protects T1197 BITS Jobs
AC-05 Separation of Duties Protects T1197 BITS Jobs
AC-06 Least Privilege Protects T1197 BITS Jobs
AC-03 Access Enforcement Protects T1187 Forced Authentication
AC-04 Information Flow Enforcement Protects T1187 Forced Authentication
AC-02 Account Management Protects T1136 Create Account
AC-20 Use of External Systems Protects T1136 Create Account
AC-03 Access Enforcement Protects T1136 Create Account
AC-04 Information Flow Enforcement Protects T1136 Create Account
AC-05 Separation of Duties Protects T1136 Create Account
AC-06 Least Privilege Protects T1136 Create Account
AC-02 Account Management Protects T1134 Access Token Manipulation
AC-03 Access Enforcement Protects T1134 Access Token Manipulation
AC-05 Separation of Duties Protects T1134 Access Token Manipulation
AC-06 Least Privilege Protects T1134 Access Token Manipulation
AC-04 Information Flow Enforcement Protects T1132 Data Encoding
AC-16 Security and Privacy Attributes Protects T1114 Email Collection
AC-17 Remote Access Protects T1114 Email Collection
AC-19 Access Control for Mobile Devices Protects T1114 Email Collection
AC-20 Use of External Systems Protects T1114 Email Collection
AC-03 Access Enforcement Protects T1114 Email Collection
AC-04 Information Flow Enforcement Protects T1114 Email Collection
AC-02 Account Management Protects T1110 Brute Force
AC-20 Use of External Systems Protects T1110 Brute Force
AC-03 Access Enforcement Protects T1110 Brute Force
AC-05 Separation of Duties Protects T1110 Brute Force
AC-06 Least Privilege Protects T1110 Brute Force
AC-07 Unsuccessful Logon Attempts Protects T1110 Brute Force
AC-03 Access Enforcement Protects T1091 Replication Through Removable Media
AC-06 Least Privilege Protects T1091 Replication Through Removable Media
AC-02 Account Management Protects T1070.003 Clear Command History
AC-03 Access Enforcement Protects T1070.003 Clear Command History
AC-05 Separation of Duties Protects T1070.003 Clear Command History
AC-06 Least Privilege Protects T1070.003 Clear Command History
AC-04 Information Flow Enforcement Protects T1046 Network Service Discovery
AC-16 Security and Privacy Attributes Protects T1041 Exfiltration Over C2 Channel
AC-02 Account Management Protects T1041 Exfiltration Over C2 Channel
AC-20 Use of External Systems Protects T1041 Exfiltration Over C2 Channel
AC-23 Data Mining Protection Protects T1041 Exfiltration Over C2 Channel
AC-03 Access Enforcement Protects T1041 Exfiltration Over C2 Channel
AC-04 Information Flow Enforcement Protects T1041 Exfiltration Over C2 Channel
AC-06 Least Privilege Protects T1041 Exfiltration Over C2 Channel
AC-17 Remote Access Protects T1037 Boot or Logon Initialization Scripts
AC-03 Access Enforcement Protects T1037 Boot or Logon Initialization Scripts
AC-02 Account Management Protects T1068 Exploitation for Privilege Escalation
AC-04 Information Flow Enforcement Protects T1068 Exploitation for Privilege Escalation
AC-06 Least Privilege Protects T1068 Exploitation for Privilege Escalation
AC-02 Account Management Protects T1542.001 System Firmware
AC-03 Access Enforcement Protects T1542.001 System Firmware
AC-05 Separation of Duties Protects T1542.001 System Firmware
AC-06 Least Privilege Protects T1542.001 System Firmware
AC-02 Account Management Protects T1053 Scheduled Task/Job
AC-03 Access Enforcement Protects T1053 Scheduled Task/Job
AC-05 Separation of Duties Protects T1053 Scheduled Task/Job
AC-06 Least Privilege Protects T1053 Scheduled Task/Job
AC-17 Remote Access Protects T1133 External Remote Services
AC-20 Use of External Systems Protects T1133 External Remote Services
AC-03 Access Enforcement Protects T1133 External Remote Services
AC-04 Information Flow Enforcement Protects T1133 External Remote Services
AC-06 Least Privilege Protects T1133 External Remote Services
AC-07 Unsuccessful Logon Attempts Protects T1133 External Remote Services
AC-16 Security and Privacy Attributes Protects T1070 Indicator Removal
AC-17 Remote Access Protects T1070 Indicator Removal
AC-18 Wireless Access Protects T1070 Indicator Removal
AC-02 Account Management Protects T1070 Indicator Removal
AC-03 Access Enforcement Protects T1070 Indicator Removal
AC-05 Separation of Duties Protects T1070 Indicator Removal
AC-06 Least Privilege Protects T1070 Indicator Removal
AC-02 Account Management Protects T1003.001 LSASS Memory
AC-03 Access Enforcement Protects T1003.001 LSASS Memory
AC-04 Information Flow Enforcement Protects T1003.001 LSASS Memory
AC-05 Separation of Duties Protects T1003.001 LSASS Memory
AC-06 Least Privilege Protects T1003.001 LSASS Memory
AC-02 Account Management Protects T1003.002 Security Account Manager
AC-03 Access Enforcement Protects T1003.002 Security Account Manager
AC-05 Separation of Duties Protects T1003.002 Security Account Manager
AC-06 Least Privilege Protects T1003.002 Security Account Manager
AC-11 Device Lock Protects T1021.001 Remote Desktop Protocol
AC-12 Session Termination Protects T1021.001 Remote Desktop Protocol
AC-17 Remote Access Protects T1021.001 Remote Desktop Protocol
AC-02 Account Management Protects T1021.001 Remote Desktop Protocol
AC-20 Use of External Systems Protects T1021.001 Remote Desktop Protocol
AC-03 Access Enforcement Protects T1021.001 Remote Desktop Protocol
AC-04 Information Flow Enforcement Protects T1021.001 Remote Desktop Protocol
AC-05 Separation of Duties Protects T1021.001 Remote Desktop Protocol
AC-06 Least Privilege Protects T1021.001 Remote Desktop Protocol
AC-07 Unsuccessful Logon Attempts Protects T1021.001 Remote Desktop Protocol
AC-17 Remote Access Protects T1021.002 SMB/Windows Admin Shares
AC-02 Account Management Protects T1021.002 SMB/Windows Admin Shares
AC-03 Access Enforcement Protects T1021.002 SMB/Windows Admin Shares
AC-04 Information Flow Enforcement Protects T1021.002 SMB/Windows Admin Shares
AC-05 Separation of Duties Protects T1021.002 SMB/Windows Admin Shares
AC-06 Least Privilege Protects T1021.002 SMB/Windows Admin Shares
AC-17 Remote Access Protects T1021.006 Windows Remote Management
AC-02 Account Management Protects T1021.006 Windows Remote Management
AC-03 Access Enforcement Protects T1021.006 Windows Remote Management
AC-04 Information Flow Enforcement Protects T1021.006 Windows Remote Management
AC-05 Separation of Duties Protects T1021.006 Windows Remote Management
AC-06 Least Privilege Protects T1021.006 Windows Remote Management
AC-02 Account Management Protects T1036.005 Match Legitimate Name or Location
AC-03 Access Enforcement Protects T1036.005 Match Legitimate Name or Location
AC-06 Least Privilege Protects T1036.005 Match Legitimate Name or Location
AC-17 Remote Access Protects T1047 Windows Management Instrumentation
AC-02 Account Management Protects T1047 Windows Management Instrumentation
AC-03 Access Enforcement Protects T1047 Windows Management Instrumentation
AC-05 Separation of Duties Protects T1047 Windows Management Instrumentation
AC-06 Least Privilege Protects T1047 Windows Management Instrumentation
AC-02 Account Management Protects T1053.002 At
AC-05 Separation of Duties Protects T1053.002 At
AC-06 Least Privilege Protects T1053.002 At
AC-03 Access Enforcement Protects T1053.002 At
AC-02 Account Management Protects T1053.005 Scheduled Task
AC-03 Access Enforcement Protects T1053.005 Scheduled Task
AC-05 Separation of Duties Protects T1053.005 Scheduled Task
AC-06 Least Privilege Protects T1053.005 Scheduled Task
AC-06 Least Privilege Protects T1055.012 Process Hollowing
AC-16 Security and Privacy Attributes Protects T1114.002 Remote Email Collection
AC-17 Remote Access Protects T1114.002 Remote Email Collection
AC-19 Access Control for Mobile Devices Protects T1114.002 Remote Email Collection
AC-20 Use of External Systems Protects T1114.002 Remote Email Collection
AC-03 Access Enforcement Protects T1114.002 Remote Email Collection
AC-04 Information Flow Enforcement Protects T1114.002 Remote Email Collection
AC-02 Account Management Protects T1543.003 Windows Service
AC-03 Access Enforcement Protects T1543.003 Windows Service
AC-05 Separation of Duties Protects T1543.003 Windows Service
AC-06 Least Privilege Protects T1543.003 Windows Service
AC-16 Security and Privacy Attributes Protects T1567 Exfiltration Over Web Service
AC-02 Account Management Protects T1567 Exfiltration Over Web Service
AC-20 Use of External Systems Protects T1567 Exfiltration Over Web Service
AC-23 Data Mining Protection Protects T1567 Exfiltration Over Web Service
AC-03 Access Enforcement Protects T1567 Exfiltration Over Web Service
AC-04 Information Flow Enforcement Protects T1567 Exfiltration Over Web Service
AC-06 Least Privilege Protects T1567 Exfiltration Over Web Service
AC-02 Account Management Protects T1569.002 Service Execution
AC-03 Access Enforcement Protects T1569.002 Service Execution
AC-05 Separation of Duties Protects T1569.002 Service Execution
AC-06 Least Privilege Protects T1569.002 Service Execution
AC-02 Account Management Protects T1578 Modify Cloud Compute Infrastructure
AC-03 Access Enforcement Protects T1578 Modify Cloud Compute Infrastructure
AC-05 Separation of Duties Protects T1578 Modify Cloud Compute Infrastructure
AC-06 Least Privilege Protects T1578 Modify Cloud Compute Infrastructure
AC-02 Account Management Protects T1611 Escape to Host
AC-03 Access Enforcement Protects T1611 Escape to Host
AC-04 Information Flow Enforcement Protects T1611 Escape to Host
AC-05 Separation of Duties Protects T1611 Escape to Host
AC-06 Least Privilege Protects T1611 Escape to Host
AC-17 Remote Access Protects T1609 Container Administration Command
AC-02 Account Management Protects T1609 Container Administration Command
AC-03 Access Enforcement Protects T1609 Container Administration Command
AC-04 Information Flow Enforcement Protects T1609 Container Administration Command
AC-05 Separation of Duties Protects T1609 Container Administration Command
AC-06 Least Privilege Protects T1609 Container Administration Command
AC-02 Account Management Protects T1562.004 Disable or Modify System Firewall
AC-03 Access Enforcement Protects T1562.004 Disable or Modify System Firewall
AC-05 Separation of Duties Protects T1562.004 Disable or Modify System Firewall
AC-06 Least Privilege Protects T1562.004 Disable or Modify System Firewall
AC-02 Account Management Protects T1556 Modify Authentication Process
AC-20 Use of External Systems Protects T1556 Modify Authentication Process
AC-03 Access Enforcement Protects T1556 Modify Authentication Process
AC-05 Separation of Duties Protects T1556 Modify Authentication Process
AC-06 Least Privilege Protects T1556 Modify Authentication Process
AC-07 Unsuccessful Logon Attempts Protects T1556 Modify Authentication Process
AC-16 Security and Privacy Attributes Protects T1552 Unsecured Credentials
AC-17 Remote Access Protects T1552 Unsecured Credentials
AC-18 Wireless Access Protects T1552 Unsecured Credentials
AC-19 Access Control for Mobile Devices Protects T1552 Unsecured Credentials
AC-02 Account Management Protects T1552 Unsecured Credentials
AC-20 Use of External Systems Protects T1552 Unsecured Credentials
AC-03 Access Enforcement Protects T1552 Unsecured Credentials
AC-04 Information Flow Enforcement Protects T1552 Unsecured Credentials
AC-05 Separation of Duties Protects T1552 Unsecured Credentials
AC-06 Least Privilege Protects T1552 Unsecured Credentials
AC-16 Security and Privacy Attributes Protects T1548 Abuse Elevation Control Mechanism
AC-02 Account Management Protects T1548 Abuse Elevation Control Mechanism
AC-03 Access Enforcement Protects T1548 Abuse Elevation Control Mechanism
AC-05 Separation of Duties Protects T1548 Abuse Elevation Control Mechanism
AC-06 Least Privilege Protects T1548 Abuse Elevation Control Mechanism
AC-02 Account Management Protects T1490 Inhibit System Recovery
AC-03 Access Enforcement Protects T1490 Inhibit System Recovery
AC-06 Least Privilege Protects T1490 Inhibit System Recovery
AC-04 Information Flow Enforcement Protects T1070.008 Clear Mailbox Data
AC-20 Use of External Systems Protects T1070.008 Clear Mailbox Data
AC-16 Security and Privacy Attributes Protects T1070.008 Clear Mailbox Data
AC-17 Remote Access Protects T1070.008 Clear Mailbox Data
AC-18 Wireless Access Protects T1070.008 Clear Mailbox Data
AC-19 Access Control for Mobile Devices Protects T1070.008 Clear Mailbox Data
AC-02 Account Management Protects T1070.008 Clear Mailbox Data
AC-03 Access Enforcement Protects T1070.008 Clear Mailbox Data
AC-05 Separation of Duties Protects T1070.008 Clear Mailbox Data
AC-06 Least Privilege Protects T1070.008 Clear Mailbox Data
AC-16 Security and Privacy Attributes Protects T1048 Exfiltration Over Alternative Protocol
AC-02 Account Management Protects T1048 Exfiltration Over Alternative Protocol
AC-20 Use of External Systems Protects T1048 Exfiltration Over Alternative Protocol
AC-23 Data Mining Protection Protects T1048 Exfiltration Over Alternative Protocol
AC-03 Access Enforcement Protects T1048 Exfiltration Over Alternative Protocol
AC-04 Information Flow Enforcement Protects T1048 Exfiltration Over Alternative Protocol
AC-06 Least Privilege Protects T1048 Exfiltration Over Alternative Protocol
AC-17 Remote Access Protects T1659 Content Injection
AC-04 Information Flow Enforcement Protects T1659 Content Injection
AC-04 Information Flow Enforcement Protects T1654 Log Enumeration
AC-03 Access Enforcement Protects T1654 Log Enumeration
AC-17 Remote Access Protects T1651 Cloud Administration Command
AC-06 Least Privilege Protects T1651 Cloud Administration Command
AC-03 Access Enforcement Protects T1651 Cloud Administration Command
AC-20 Use of External Systems Protects T1578.005 Modify Cloud Compute Configurations
AC-06 Least Privilege Protects T1578.005 Modify Cloud Compute Configurations
AC-03 Access Enforcement Protects T1578.005 Modify Cloud Compute Configurations
AC-17 Remote Access Protects T1567.004 Exfiltration Over Webhook
AC-17 Remote Access Protects T1567.003 Exfiltration to Text Storage Sites
AC-06 Least Privilege Protects T1562.012 Disable or Modify Linux Audit System
AC-03 Access Enforcement Protects T1562.012 Disable or Modify Linux Audit System
AC-02 Account Management Protects T1562.012 Disable or Modify Linux Audit System
AC-06 Least Privilege Protects T1556.008 Network Provider DLL
AC-03 Access Enforcement Protects T1556.008 Network Provider DLL
AC-06 Least Privilege Protects T1555.006 Cloud Secrets Management Stores
AC-03 Access Enforcement Protects T1555.006 Cloud Secrets Management Stores
AC-02 Account Management Protects T1555.006 Cloud Secrets Management Stores
AC-04 Information Flow Enforcement Protects T1552.008 Chat Messages
AC-03 Access Enforcement Protects T1548.005 Temporary Elevated Cloud Access
AC-02 Account Management Protects T1548.005 Temporary Elevated Cloud Access
AC-06 Least Privilege Protects T1548.005 Temporary Elevated Cloud Access
AC-03 Access Enforcement Protects T1098.006 Additional Container Cluster Roles
AC-02 Account Management Protects T1098.006 Additional Container Cluster Roles
AC-06 Least Privilege Protects T1059.009 Cloud API
AC-03 Access Enforcement Protects T1059.009 Cloud API
AC-02 Account Management Protects T1059.009 Cloud API
AC-20 Use of External Systems Protects T1021.008 Direct Cloud VM Connections
AC-17 Remote Access Protects T1021.008 Direct Cloud VM Connections
AC-03 Access Enforcement Protects T1021.008 Direct Cloud VM Connections
AC-20 Use of External Systems Protects T1021.007 Cloud Services
AC-03 Access Enforcement Protects T1021.007 Cloud Services
AC-06 Least Privilege Protects T1021.008 Direct Cloud VM Connections
AC-05 Separation of Duties Protects T1021.007 Cloud Services
AC-06 Least Privilege Protects T1021.007 Cloud Services
AC-02 Account Management Protects T1562 Impair Defenses
AC-03 Access Enforcement Protects T1562 Impair Defenses
AC-05 Separation of Duties Protects T1562 Impair Defenses
AC-06 Least Privilege Protects T1562 Impair Defenses
AC-20 Use of External Systems Protects T1555 Credentials from Password Stores
AC-06 Least Privilege Protects T1555 Credentials from Password Stores
AC-03 Access Enforcement Protects T1555 Credentials from Password Stores
AC-17 Remote Access Protects T1552.005 Cloud Instance Metadata API
AC-16 Security and Privacy Attributes Protects T1552.005 Cloud Instance Metadata API
AC-20 Use of External Systems Protects T1552.005 Cloud Instance Metadata API
AC-03 Access Enforcement Protects T1552.005 Cloud Instance Metadata API
AC-04 Information Flow Enforcement Protects T1552.005 Cloud Instance Metadata API
AC-02 Account Management Protects T1212 Exploitation for Credential Access
AC-04 Information Flow Enforcement Protects T1212 Exploitation for Credential Access
AC-06 Least Privilege Protects T1212 Exploitation for Credential Access
AC-02 Account Management Protects T1078 Valid Accounts
AC-03 Access Enforcement Protects T1078 Valid Accounts
AC-05 Separation of Duties Protects T1078 Valid Accounts
AC-06 Least Privilege Protects T1078 Valid Accounts
AC-02 Account Management Protects T1078.004 Cloud Accounts
AC-20 Use of External Systems Protects T1078.004 Cloud Accounts
AC-03 Access Enforcement Protects T1078.004 Cloud Accounts
AC-05 Separation of Duties Protects T1078.004 Cloud Accounts
AC-06 Least Privilege Protects T1078.004 Cloud Accounts
AC-07 Unsuccessful Logon Attempts Protects T1078.004 Cloud Accounts
AC-12 Session Termination Protects T1072 Software Deployment Tools
AC-02 Account Management Protects T1072 Software Deployment Tools
AC-20 Use of External Systems Protects T1072 Software Deployment Tools
AC-03 Access Enforcement Protects T1072 Software Deployment Tools
AC-04 Information Flow Enforcement Protects T1072 Software Deployment Tools
AC-05 Separation of Duties Protects T1072 Software Deployment Tools
AC-06 Least Privilege Protects T1072 Software Deployment Tools
AC-16 Security and Privacy Attributes Protects T1040 Network Sniffing
AC-17 Remote Access Protects T1040 Network Sniffing
AC-18 Wireless Access Protects T1040 Network Sniffing
AC-19 Access Control for Mobile Devices Protects T1040 Network Sniffing
AC-02 Account Management Protects T1036 Masquerading
AC-03 Access Enforcement Protects T1036 Masquerading
AC-06 Least Privilege Protects T1036 Masquerading
AC-03 Access Enforcement Protects T1027 Obfuscated Files or Information
CM-05 Access Restrictions for Change Protects T1020.001 Traffic Duplication
AC-06 Least Privilege Protects T1020.001 Traffic Duplication
AC-03 Access Enforcement Protects T1020.001 Traffic Duplication
AC-02 Account Management Protects T1020.001 Traffic Duplication
AC-06 Least Privilege Protects T1657 Financial Theft
AC-02 Account Management Protects T1003.007 Proc Filesystem
AC-03 Access Enforcement Protects T1003.007 Proc Filesystem
AC-05 Separation of Duties Protects T1003.007 Proc Filesystem
AC-06 Least Privilege Protects T1003.007 Proc Filesystem
AC-16 Security and Privacy Attributes Protects T1005 Data from Local System
AC-02 Account Management Protects T1005 Data from Local System
AC-23 Data Mining Protection Protects T1005 Data from Local System
AC-18 Wireless Access Protects T1011 Exfiltration Over Other Network Medium
AC-18 Wireless Access Protects T1011.001 Exfiltration Over Bluetooth
AC-16 Security and Privacy Attributes Protects T1020.001 Traffic Duplication
AC-17 Remote Access Protects T1020.001 Traffic Duplication
AC-18 Wireless Access Protects T1020.001 Traffic Duplication
AC-19 Access Control for Mobile Devices Protects T1020.001 Traffic Duplication
AC-20 Use of External Systems Protects T1020.001 Traffic Duplication
AC-04 Information Flow Enforcement Protects T1020.001 Traffic Duplication
AC-17 Remote Access Protects T1021 Remote Services
AC-02 Account Management Protects T1021 Remote Services
AC-20 Use of External Systems Protects T1021 Remote Services
AC-03 Access Enforcement Protects T1021 Remote Services
AC-05 Separation of Duties Protects T1021 Remote Services
AC-06 Least Privilege Protects T1021 Remote Services
AC-07 Unsuccessful Logon Attempts Protects T1021 Remote Services
AC-02 Account Management Protects T1021.007 Cloud Services
AC-02 Account Management Protects T1021.008 Direct Cloud VM Connections
AC-16 Security and Privacy Attributes Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-20 Use of External Systems Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-23 Data Mining Protection Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-03 Access Enforcement Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-04 Information Flow Enforcement Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-06 Least Privilege Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-02 Account Management Protects T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol
AC-02 Account Management Protects T1053.006 Systemd Timers
AC-03 Access Enforcement Protects T1053.006 Systemd Timers
AC-05 Separation of Duties Protects T1053.006 Systemd Timers
AC-06 Least Privilege Protects T1053.006 Systemd Timers
AC-02 Account Management Protects T1070.007 Clear Network Connection History and Configurations
AC-03 Access Enforcement Protects T1070.007 Clear Network Connection History and Configurations
AC-05 Separation of Duties Protects T1070.007 Clear Network Connection History and Configurations
AC-06 Least Privilege Protects T1070.007 Clear Network Connection History and Configurations
AC-04 Information Flow Enforcement Protects T1071 Application Layer Protocol
AC-04 Information Flow Enforcement Protects T1071.001 Web Protocols
AC-04 Information Flow Enforcement Protects T1071.002 File Transfer Protocols
AC-03 Access Enforcement Protects T1080 Taint Shared Content
AC-02 Account Management Protects T1098 Account Manipulation
AC-03 Access Enforcement Protects T1098 Account Manipulation
AC-04 Information Flow Enforcement Protects T1098 Account Manipulation
AC-05 Separation of Duties Protects T1098 Account Manipulation
AC-06 Least Privilege Protects T1098 Account Manipulation
AC-02 Account Management Protects T1098.003 Additional Cloud Roles
AC-05 Separation of Duties Protects T1098.003 Additional Cloud Roles
AC-20 Use of External Systems Protects T1098.003 Additional Cloud Roles
AC-03 Access Enforcement Protects T1098.003 Additional Cloud Roles
AC-06 Least Privilege Protects T1098.003 Additional Cloud Roles
AC-20 Use of External Systems Protects T1098.004 SSH Authorized Keys
AC-03 Access Enforcement Protects T1098.004 SSH Authorized Keys
AC-05 Separation of Duties Protects T1098.004 SSH Authorized Keys
AC-06 Least Privilege Protects T1098.004 SSH Authorized Keys
AC-02 Account Management Protects T1098.005 Device Registration
AC-20 Use of External Systems Protects T1098.005 Device Registration
AC-03 Access Enforcement Protects T1098.005 Device Registration
AC-05 Separation of Duties Protects T1098.005 Device Registration
AC-06 Least Privilege Protects T1098.005 Device Registration
AC-06 Least Privilege Protects T1098.006 Additional Container Cluster Roles
AC-06 Least Privilege Protects T1106 Native API
AC-06 Least Privilege Protects T1112 Modify Registry
AC-04 Information Flow Enforcement Protects T1132.001 Standard Encoding
AC-02 Account Management Protects T1134.001 Token Impersonation/Theft
AC-03 Access Enforcement Protects T1134.001 Token Impersonation/Theft
AC-05 Separation of Duties Protects T1134.001 Token Impersonation/Theft
AC-06 Least Privilege Protects T1134.001 Token Impersonation/Theft
AC-02 Account Management Protects T1134.002 Create Process with Token
AC-03 Access Enforcement Protects T1134.002 Create Process with Token
AC-05 Separation of Duties Protects T1134.002 Create Process with Token
AC-06 Least Privilege Protects T1134.002 Create Process with Token
AC-02 Account Management Protects T1134.003 Make and Impersonate Token
AC-03 Access Enforcement Protects T1134.003 Make and Impersonate Token
AC-05 Separation of Duties Protects T1134.003 Make and Impersonate Token
AC-06 Least Privilege Protects T1134.003 Make and Impersonate Token
AC-02 Account Management Protects T1136.001 Local Account
AC-20 Use of External Systems Protects T1136.001 Local Account
AC-03 Access Enforcement Protects T1136.001 Local Account
AC-05 Separation of Duties Protects T1136.001 Local Account
AC-06 Least Privilege Protects T1136.001 Local Account
AC-02 Account Management Protects T1136.003 Cloud Account
AC-20 Use of External Systems Protects T1136.003 Cloud Account
AC-03 Access Enforcement Protects T1136.003 Cloud Account
AC-04 Information Flow Enforcement Protects T1136.003 Cloud Account
AC-05 Separation of Duties Protects T1136.003 Cloud Account
AC-06 Least Privilege Protects T1136.003 Cloud Account
AC-20 Use of External Systems Protects T1539 Steal Web Session Cookie
AC-03 Access Enforcement Protects T1539 Steal Web Session Cookie
AC-06 Least Privilege Protects T1539 Steal Web Session Cookie
AC-04 Information Flow Enforcement Protects T1567.003 Exfiltration to Text Storage Sites
AC-04 Information Flow Enforcement Protects T1567.004 Exfiltration Over Webhook
AC-02 Account Management Protects T1578.005 Modify Cloud Compute Configurations
AC-02 Account Management Protects T1651 Cloud Administration Command
AC-06 Least Privilege Protects T1654 Log Enumeration
AC-05 Separation of Duties Protects T1657 Financial Theft

Capabilities

Capability ID Capability Name Number of Mappings
AC-02 Account Management 204
AC-12 Session Termination 5
AC-20 Use of External Systems 66
AC-18 Wireless Access 24
AC-08 System Use Notification 1
AC-03 Access Enforcement 263
AC-06 Least Privilege 254
AC-11 Device Lock 2
AC-17 Remote Access 79
AC-05 Separation of Duties 162
AC-23 Data Mining Protection 13
AC-10 Concurrent Session Control 4
AC-14 Permitted Actions Without Identification or Authentication 1
AC-21 Information Sharing 3
AC-19 Access Control for Mobile Devices 26
AC-16 Security and Privacy Attributes 53
AC-07 Unsuccessful Logon Attempts 16
AC-04 Information Flow Enforcement 151