NIST 800-53 Identification and Authentication Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
IA-02 Identification and Authentication (organizational Users) Protects T1003 OS Credential Dumping
IA-04 Identifier Management Protects T1003 OS Credential Dumping
IA-05 Authenticator Management Protects T1003 OS Credential Dumping
IA-02 Identification and Authentication (organizational Users) Protects T1003.003 NTDS
IA-05 Authenticator Management Protects T1003.003 NTDS
IA-02 Identification and Authentication (organizational Users) Protects T1003.004 LSA Secrets
IA-05 Authenticator Management Protects T1003.004 LSA Secrets
IA-02 Identification and Authentication (organizational Users) Protects T1003.005 Cached Domain Credentials
IA-04 Identifier Management Protects T1003.005 Cached Domain Credentials
IA-05 Authenticator Management Protects T1003.005 Cached Domain Credentials
IA-02 Identification and Authentication (organizational Users) Protects T1003.006 DCSync
IA-04 Identifier Management Protects T1003.006 DCSync
IA-05 Authenticator Management Protects T1003.006 DCSync
IA-02 Identification and Authentication (organizational Users) Protects T1003.008 /etc/passwd and /etc/shadow
IA-05 Authenticator Management Protects T1003.008 /etc/passwd and /etc/shadow
IA-02 Identification and Authentication (organizational Users) Protects T1021.003 Distributed Component Object Model
IA-02 Identification and Authentication (organizational Users) Protects T1021.004 SSH
IA-05 Authenticator Management Protects T1021.004 SSH
IA-02 Identification and Authentication (organizational Users) Protects T1021.005 VNC
IA-04 Identifier Management Protects T1021.005 VNC
IA-06 Authentication Feedback Protects T1021.005 VNC
IA-09 Service Identification and Authentication Protects T1036.001 Invalid Code Signature
IA-02 Identification and Authentication (organizational Users) Protects T1036.007 Double File Extension
IA-02 Identification and Authentication (organizational Users) Protects T1053.003 Cron
IA-02 Identification and Authentication (organizational Users) Protects T1053.007 Container Orchestration Job
IA-08 Identification and Authentication (non-organizational Users) Protects T1053.007 Container Orchestration Job
IA-02 Identification and Authentication (organizational Users) Protects T1055 Process Injection
IA-02 Identification and Authentication (organizational Users) Protects T1055.008 Ptrace System Calls
IA-02 Identification and Authentication (organizational Users) Protects T1056.003 Web Portal Capture
IA-02 Identification and Authentication (organizational Users) Protects T1059 Command and Scripting Interpreter
IA-08 Identification and Authentication (non-organizational Users) Protects T1059 Command and Scripting Interpreter
IA-09 Service Identification and Authentication Protects T1059 Command and Scripting Interpreter
IA-02 Identification and Authentication (organizational Users) Protects T1059.001 PowerShell
IA-08 Identification and Authentication (non-organizational Users) Protects T1059.001 PowerShell
IA-09 Service Identification and Authentication Protects T1059.001 PowerShell
IA-09 Service Identification and Authentication Protects T1059.002 AppleScript
IA-02 Identification and Authentication (organizational Users) Protects T1059.008 Network Device CLI
IA-08 Identification and Authentication (non-organizational Users) Protects T1059.008 Network Device CLI
IA-12 Identity Proofing Protects T1078.002 Domain Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1078.002 Domain Accounts
IA-05 Authenticator Management Protects T1078.002 Domain Accounts
IA-12 Identity Proofing Protects T1078.003 Local Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1078.003 Local Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1087.004 Cloud Account
IA-08 Identification and Authentication (non-organizational Users) Protects T1087.004 Cloud Account
IA-02 Identification and Authentication (organizational Users) Protects T1098.002 Additional Email Delegate Permissions
IA-05 Authenticator Management Protects T1098.002 Additional Email Delegate Permissions
IA-11 Re-authentication Protects T1110.001 Password Guessing
IA-02 Identification and Authentication (organizational Users) Protects T1110.001 Password Guessing
IA-04 Identifier Management Protects T1110.001 Password Guessing
IA-05 Authenticator Management Protects T1110.001 Password Guessing
IA-11 Re-authentication Protects T1110.002 Password Cracking
IA-02 Identification and Authentication (organizational Users) Protects T1110.002 Password Cracking
IA-04 Identifier Management Protects T1110.002 Password Cracking
IA-05 Authenticator Management Protects T1110.002 Password Cracking
IA-11 Re-authentication Protects T1110.003 Password Spraying
IA-02 Identification and Authentication (organizational Users) Protects T1110.003 Password Spraying
IA-04 Identifier Management Protects T1110.003 Password Spraying
IA-05 Authenticator Management Protects T1110.003 Password Spraying
IA-11 Re-authentication Protects T1110.004 Credential Stuffing
IA-02 Identification and Authentication (organizational Users) Protects T1110.004 Credential Stuffing
IA-04 Identifier Management Protects T1110.004 Credential Stuffing
IA-05 Authenticator Management Protects T1110.004 Credential Stuffing
IA-02 Identification and Authentication (organizational Users) Protects T1136.002 Domain Account
IA-05 Authenticator Management Protects T1136.002 Domain Account
IA-02 Identification and Authentication (organizational Users) Protects T1185 Browser Session Hijacking
IA-07 Cryptographic Module Authentication Protects T1195.003 Compromise Hardware Supply Chain
IA-02 Identification and Authentication (organizational Users) Protects T1210 Exploitation of Remote Services
IA-08 Identification and Authentication (non-organizational Users) Protects T1210 Exploitation of Remote Services
IA-02 Identification and Authentication (organizational Users) Protects T1213 Data from Information Repositories
IA-04 Identifier Management Protects T1213 Data from Information Repositories
IA-08 Identification and Authentication (non-organizational Users) Protects T1213 Data from Information Repositories
IA-02 Identification and Authentication (organizational Users) Protects T1213.001 Confluence
IA-04 Identifier Management Protects T1213.001 Confluence
IA-08 Identification and Authentication (non-organizational Users) Protects T1213.001 Confluence
IA-02 Identification and Authentication (organizational Users) Protects T1213.002 Sharepoint
IA-04 Identifier Management Protects T1213.002 Sharepoint
IA-08 Identification and Authentication (non-organizational Users) Protects T1213.002 Sharepoint
IA-02 Identification and Authentication (organizational Users) Protects T1213.003 Code Repositories
IA-09 Service Identification and Authentication Protects T1213.003 Code Repositories
IA-02 Identification and Authentication (organizational Users) Protects T1218 System Binary Proxy Execution
IA-02 Identification and Authentication (organizational Users) Protects T1218.007 Msiexec
IA-02 Identification and Authentication (organizational Users) Protects T1222 File and Directory Permissions Modification
IA-02 Identification and Authentication (organizational Users) Protects T1222.001 Windows File and Directory Permissions Modification
IA-02 Identification and Authentication (organizational Users) Protects T1222.002 Linux and Mac File and Directory Permissions Modification
IA-02 Identification and Authentication (organizational Users) Protects T1484 Domain Policy Modification
IA-02 Identification and Authentication (organizational Users) Protects T1489 Service Stop
IA-02 Identification and Authentication (organizational Users) Protects T1495 Firmware Corruption
IA-07 Cryptographic Module Authentication Protects T1495 Firmware Corruption
IA-02 Identification and Authentication (organizational Users) Protects T1505 Server Software Component
IA-02 Identification and Authentication (organizational Users) Protects T1505.002 Transport Agent
IA-02 Identification and Authentication (organizational Users) Protects T1505.004 IIS Components
IA-02 Identification and Authentication (organizational Users) Protects T1525 Implant Internal Image
IA-09 Service Identification and Authentication Protects T1525 Implant Internal Image
IA-02 Identification and Authentication (organizational Users) Protects T1528 Steal Application Access Token
IA-04 Identifier Management Protects T1528 Steal Application Access Token
IA-05 Authenticator Management Protects T1528 Steal Application Access Token
IA-08 Identification and Authentication (non-organizational Users) Protects T1528 Steal Application Access Token
IA-02 Identification and Authentication (organizational Users) Protects T1537 Transfer Data to Cloud Account
IA-03 Device Identification and Authentication Protects T1537 Transfer Data to Cloud Account
IA-04 Identifier Management Protects T1537 Transfer Data to Cloud Account
IA-08 Identification and Authentication (non-organizational Users) Protects T1537 Transfer Data to Cloud Account
IA-02 Identification and Authentication (organizational Users) Protects T1538 Cloud Service Dashboard
IA-08 Identification and Authentication (non-organizational Users) Protects T1538 Cloud Service Dashboard
IA-02 Identification and Authentication (organizational Users) Protects T1542 Pre-OS Boot
IA-07 Cryptographic Module Authentication Protects T1542 Pre-OS Boot
IA-08 Identification and Authentication (non-organizational Users) Protects T1542 Pre-OS Boot
IA-07 Cryptographic Module Authentication Protects T1542.004 ROMMONkit
IA-02 Identification and Authentication (organizational Users) Protects T1542.005 TFTP Boot
IA-07 Cryptographic Module Authentication Protects T1542.005 TFTP Boot
IA-08 Identification and Authentication (non-organizational Users) Protects T1542.005 TFTP Boot
IA-02 Identification and Authentication (organizational Users) Protects T1543 Create or Modify System Process
IA-04 Identifier Management Protects T1543 Create or Modify System Process
IA-02 Identification and Authentication (organizational Users) Protects T1543.001 Launch Agent
IA-02 Identification and Authentication (organizational Users) Protects T1543.004 Launch Daemon
IA-09 Service Identification and Authentication Protects T1546 Event Triggered Execution
IA-02 Identification and Authentication (organizational Users) Protects T1546.003 Windows Management Instrumentation Event Subscription
IA-09 Service Identification and Authentication Protects T1546.006 LC_LOAD_DYLIB Addition
IA-09 Service Identification and Authentication Protects T1546.013 PowerShell Profile
IA-02 Identification and Authentication (organizational Users) Protects T1547.004 Winlogon Helper DLL
IA-02 Identification and Authentication (organizational Users) Protects T1547.006 Kernel Modules and Extensions
IA-04 Identifier Management Protects T1547.006 Kernel Modules and Extensions
IA-08 Identification and Authentication (non-organizational Users) Protects T1547.006 Kernel Modules and Extensions
IA-02 Identification and Authentication (organizational Users) Protects T1547.009 Shortcut Modification
IA-02 Identification and Authentication (organizational Users) Protects T1548.002 Bypass User Account Control
IA-02 Identification and Authentication (organizational Users) Protects T1548.003 Sudo and Sudo Caching
IA-02 Identification and Authentication (organizational Users) Protects T1550 Use Alternate Authentication Material
IA-02 Identification and Authentication (organizational Users) Protects T1550.002 Pass the Hash
IA-02 Identification and Authentication (organizational Users) Protects T1550.003 Pass the Ticket
IA-05 Authenticator Management Protects T1550.003 Pass the Ticket
IA-02 Identification and Authentication (organizational Users) Protects T1552.006 Group Policy Preferences
IA-05 Authenticator Management Protects T1552.006 Group Policy Preferences
IA-02 Identification and Authentication (organizational Users) Protects T1552.007 Container API
IA-07 Cryptographic Module Authentication Protects T1553 Subvert Trust Controls
IA-09 Service Identification and Authentication Protects T1553 Subvert Trust Controls
IA-09 Service Identification and Authentication Protects T1553.004 Install Root Certificate
IA-07 Cryptographic Module Authentication Protects T1553.006 Code Signing Policy Modification
IA-05 Authenticator Management Protects T1555.001 Keychain
IA-05 Authenticator Management Protects T1555.002 Securityd Memory
IA-05 Authenticator Management Protects T1555.004 Windows Credential Manager
IA-02 Identification and Authentication (organizational Users) Protects T1555.005 Password Managers
IA-05 Authenticator Management Protects T1555.005 Password Managers
IA-02 Identification and Authentication (organizational Users) Protects T1556.001 Domain Controller Authentication
IA-05 Authenticator Management Protects T1556.001 Domain Controller Authentication
IA-02 Identification and Authentication (organizational Users) Protects T1556.003 Pluggable Authentication Modules
IA-05 Authenticator Management Protects T1556.003 Pluggable Authentication Modules
IA-02 Identification and Authentication (organizational Users) Protects T1556.004 Network Device Authentication
IA-05 Authenticator Management Protects T1556.004 Network Device Authentication
IA-05 Authenticator Management Protects T1556.005 Reversible Encryption
IA-11 Re-authentication Protects T1556.006 Multi-Factor Authentication
IA-02 Identification and Authentication (organizational Users) Protects T1556.006 Multi-Factor Authentication
IA-11 Re-authentication Protects T1556.007 Hybrid Identity
IA-02 Identification and Authentication (organizational Users) Protects T1556.007 Hybrid Identity
IA-02 Identification and Authentication (organizational Users) Protects T1558 Steal or Forge Kerberos Tickets
IA-05 Authenticator Management Protects T1558 Steal or Forge Kerberos Tickets
IA-02 Identification and Authentication (organizational Users) Protects T1558.001 Golden Ticket
IA-05 Authenticator Management Protects T1558.001 Golden Ticket
IA-02 Identification and Authentication (organizational Users) Protects T1558.002 Silver Ticket
IA-05 Authenticator Management Protects T1558.002 Silver Ticket
IA-02 Identification and Authentication (organizational Users) Protects T1558.003 Kerberoasting
IA-05 Authenticator Management Protects T1558.003 Kerberoasting
IA-02 Identification and Authentication (organizational Users) Protects T1558.004 AS-REP Roasting
IA-05 Authenticator Management Protects T1558.004 AS-REP Roasting
IA-02 Identification and Authentication (organizational Users) Protects T1559 Inter-Process Communication
IA-02 Identification and Authentication (organizational Users) Protects T1559.001 Component Object Model
IA-02 Identification and Authentication (organizational Users) Protects T1562.009 Safe Mode Boot
IA-09 Service Identification and Authentication Protects T1562.009 Safe Mode Boot
IA-02 Identification and Authentication (organizational Users) Protects T1563 Remote Service Session Hijacking
IA-04 Identifier Management Protects T1563 Remote Service Session Hijacking
IA-06 Authentication Feedback Protects T1563 Remote Service Session Hijacking
IA-02 Identification and Authentication (organizational Users) Protects T1563.001 SSH Hijacking
IA-05 Authenticator Management Protects T1563.001 SSH Hijacking
IA-02 Identification and Authentication (organizational Users) Protects T1563.002 RDP Hijacking
IA-09 Service Identification and Authentication Protects T1566.001 Spearphishing Attachment
IA-02 Identification and Authentication (organizational Users) Protects T1569 System Services
IA-02 Identification and Authentication (organizational Users) Protects T1569.001 Launchctl
IA-02 Identification and Authentication (organizational Users) Protects T1574 Hijack Execution Flow
IA-02 Identification and Authentication (organizational Users) Protects T1574.005 Executable Installer File Permissions Weakness
IA-02 Identification and Authentication (organizational Users) Protects T1574.010 Services File Permissions Weakness
IA-02 Identification and Authentication (organizational Users) Protects T1574.012 COR_PROFILER
IA-02 Identification and Authentication (organizational Users) Protects T1578.001 Create Snapshot
IA-04 Identifier Management Protects T1578.001 Create Snapshot
IA-06 Authentication Feedback Protects T1578.001 Create Snapshot
IA-02 Identification and Authentication (organizational Users) Protects T1578.002 Create Cloud Instance
IA-04 Identifier Management Protects T1578.002 Create Cloud Instance
IA-06 Authentication Feedback Protects T1578.002 Create Cloud Instance
IA-02 Identification and Authentication (organizational Users) Protects T1578.003 Delete Cloud Instance
IA-04 Identifier Management Protects T1578.003 Delete Cloud Instance
IA-06 Authentication Feedback Protects T1578.003 Delete Cloud Instance
IA-02 Identification and Authentication (organizational Users) Protects T1580 Cloud Infrastructure Discovery
IA-02 Identification and Authentication (organizational Users) Protects T1585.003 Cloud Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1586.003 Cloud Accounts
IA-09 Service Identification and Authentication Protects T1598.002 Spearphishing Attachment
IA-02 Identification and Authentication (organizational Users) Protects T1599 Network Boundary Bridging
IA-05 Authenticator Management Protects T1599 Network Boundary Bridging
IA-02 Identification and Authentication (organizational Users) Protects T1599.001 Network Address Translation Traversal
IA-05 Authenticator Management Protects T1599.001 Network Address Translation Traversal
IA-02 Identification and Authentication (organizational Users) Protects T1601 Modify System Image
IA-05 Authenticator Management Protects T1601 Modify System Image
IA-07 Cryptographic Module Authentication Protects T1601 Modify System Image
IA-02 Identification and Authentication (organizational Users) Protects T1601.001 Patch System Image
IA-05 Authenticator Management Protects T1601.001 Patch System Image
IA-07 Cryptographic Module Authentication Protects T1601.001 Patch System Image
IA-02 Identification and Authentication (organizational Users) Protects T1601.002 Downgrade System Image
IA-05 Authenticator Management Protects T1601.002 Downgrade System Image
IA-07 Cryptographic Module Authentication Protects T1601.002 Downgrade System Image
IA-03 Device Identification and Authentication Protects T1602 Data from Configuration Repository
IA-04 Identifier Management Protects T1602 Data from Configuration Repository
IA-03 Device Identification and Authentication Protects T1602.001 SNMP (MIB Dump)
IA-04 Identifier Management Protects T1602.001 SNMP (MIB Dump)
IA-03 Device Identification and Authentication Protects T1602.002 Network Device Configuration Dump
IA-04 Identifier Management Protects T1602.002 Network Device Configuration Dump
IA-02 Identification and Authentication (organizational Users) Protects T1610 Deploy Container
IA-02 Identification and Authentication (organizational Users) Protects T1613 Container and Resource Discovery
IA-02 Identification and Authentication (organizational Users) Protects T1619 Cloud Storage Object Discovery
IA-02 Identification and Authentication (organizational Users) Protects T1648 Serverless Execution
IA-02 Identification and Authentication (organizational Users) Protects T1649 Steal or Forge Authentication Certificates
IA-05 Authenticator Management Protects T1649 Steal or Forge Authentication Certificates
IA-02 Identification and Authentication (organizational Users) Protects T1621 Multi-Factor Authentication Request Generation
IA-03 Device Identification and Authentication Protects T1621 Multi-Factor Authentication Request Generation
IA-05 Authenticator Management Protects T1621 Multi-Factor Authentication Request Generation
IA-09 Service Identification and Authentication Protects T1598.003 Spearphishing Link
IA-09 Service Identification and Authentication Protects T1598 Phishing for Information
IA-09 Service Identification and Authentication Protects T1566.002 Spearphishing Link
IA-09 Service Identification and Authentication Protects T1566 Phishing
IA-02 Identification and Authentication (organizational Users) Protects T1562.008 Disable or Modify Cloud Logs
IA-02 Identification and Authentication (organizational Users) Protects T1562.007 Disable or Modify Cloud Firewall
IA-02 Identification and Authentication (organizational Users) Protects T1562.006 Indicator Blocking
IA-09 Service Identification and Authentication Protects T1562.006 Indicator Blocking
IA-02 Identification and Authentication (organizational Users) Protects T1562.002 Disable Windows Event Logging
IA-02 Identification and Authentication (organizational Users) Protects T1562.001 Disable or Modify Tools
IA-09 Service Identification and Authentication Protects T1554 Compromise Client Software Binary
IA-02 Identification and Authentication (organizational Users) Protects T1552.004 Private Keys
IA-05 Authenticator Management Protects T1552.004 Private Keys
IA-02 Identification and Authentication (organizational Users) Protects T1550.001 Application Access Token
IA-04 Identifier Management Protects T1550.001 Application Access Token
IA-02 Identification and Authentication (organizational Users) Protects T1547.013 XDG Autostart Entries
IA-02 Identification and Authentication (organizational Users) Protects T1547.012 Print Processors
IA-02 Identification and Authentication (organizational Users) Protects T1543.002 Systemd Service
IA-02 Identification and Authentication (organizational Users) Protects T1530 Data from Cloud Storage
IA-03 Device Identification and Authentication Protects T1530 Data from Cloud Storage
IA-04 Identifier Management Protects T1530 Data from Cloud Storage
IA-05 Authenticator Management Protects T1530 Data from Cloud Storage
IA-06 Authentication Feedback Protects T1530 Data from Cloud Storage
IA-08 Identification and Authentication (non-organizational Users) Protects T1530 Data from Cloud Storage
IA-02 Identification and Authentication (organizational Users) Protects T1190 Exploit Public-Facing Application
IA-08 Identification and Authentication (non-organizational Users) Protects T1190 Exploit Public-Facing Application
IA-02 Identification and Authentication (organizational Users) Protects T1111 Multi-Factor Authentication Interception
IA-05 Authenticator Management Protects T1111 Multi-Factor Authentication Interception
IA-02 Identification and Authentication (organizational Users) Protects T1098.001 Additional Cloud Credentials
IA-05 Authenticator Management Protects T1098.001 Additional Cloud Credentials
IA-02 Identification and Authentication (organizational Users) Protects T1552.002 Credentials in Registry
IA-05 Authenticator Management Protects T1552.002 Credentials in Registry
IA-02 Identification and Authentication (organizational Users) Protects T1552.001 Credentials In Files
IA-05 Authenticator Management Protects T1552.001 Credentials In Files
IA-02 Identification and Authentication (organizational Users) Protects T1542.003 Bootkit
IA-07 Cryptographic Module Authentication Protects T1542.003 Bootkit
IA-08 Identification and Authentication (non-organizational Users) Protects T1542.003 Bootkit
IA-02 Identification and Authentication (organizational Users) Protects T1197 BITS Jobs
IA-02 Identification and Authentication (organizational Users) Protects T1136 Create Account
IA-05 Authenticator Management Protects T1136 Create Account
IA-02 Identification and Authentication (organizational Users) Protects T1134 Access Token Manipulation
IA-02 Identification and Authentication (organizational Users) Protects T1114 Email Collection
IA-05 Authenticator Management Protects T1114 Email Collection
IA-11 Re-authentication Protects T1110 Brute Force
IA-02 Identification and Authentication (organizational Users) Protects T1110 Brute Force
IA-04 Identifier Management Protects T1110 Brute Force
IA-05 Authenticator Management Protects T1110 Brute Force
IA-02 Identification and Authentication (organizational Users) Protects T1542.001 System Firmware
IA-07 Cryptographic Module Authentication Protects T1542.001 System Firmware
IA-08 Identification and Authentication (non-organizational Users) Protects T1542.001 System Firmware
IA-02 Identification and Authentication (organizational Users) Protects T1053 Scheduled Task/Job
IA-04 Identifier Management Protects T1053 Scheduled Task/Job
IA-08 Identification and Authentication (non-organizational Users) Protects T1053 Scheduled Task/Job
IA-02 Identification and Authentication (organizational Users) Protects T1133 External Remote Services
IA-05 Authenticator Management Protects T1133 External Remote Services
IA-02 Identification and Authentication (organizational Users) Protects T1003.001 LSASS Memory
IA-05 Authenticator Management Protects T1003.001 LSASS Memory
IA-02 Identification and Authentication (organizational Users) Protects T1003.002 Security Account Manager
IA-05 Authenticator Management Protects T1003.002 Security Account Manager
IA-02 Identification and Authentication (organizational Users) Protects T1021.001 Remote Desktop Protocol
IA-04 Identifier Management Protects T1021.001 Remote Desktop Protocol
IA-05 Authenticator Management Protects T1021.001 Remote Desktop Protocol
IA-06 Authentication Feedback Protects T1021.001 Remote Desktop Protocol
IA-02 Identification and Authentication (organizational Users) Protects T1021.002 SMB/Windows Admin Shares
IA-02 Identification and Authentication (organizational Users) Protects T1021.006 Windows Remote Management
IA-09 Service Identification and Authentication Protects T1036.005 Match Legitimate Name or Location
IA-02 Identification and Authentication (organizational Users) Protects T1047 Windows Management Instrumentation
IA-04 Identifier Management Protects T1053.002 At
IA-02 Identification and Authentication (organizational Users) Protects T1053.002 At
IA-02 Identification and Authentication (organizational Users) Protects T1053.005 Scheduled Task
IA-04 Identifier Management Protects T1053.005 Scheduled Task
IA-02 Identification and Authentication (organizational Users) Protects T1114.002 Remote Email Collection
IA-05 Authenticator Management Protects T1114.002 Remote Email Collection
IA-02 Identification and Authentication (organizational Users) Protects T1543.003 Windows Service
IA-02 Identification and Authentication (organizational Users) Protects T1569.002 Service Execution
IA-02 Identification and Authentication (organizational Users) Protects T1578 Modify Cloud Compute Infrastructure
IA-04 Identifier Management Protects T1578 Modify Cloud Compute Infrastructure
IA-06 Authentication Feedback Protects T1578 Modify Cloud Compute Infrastructure
IA-02 Identification and Authentication (organizational Users) Protects T1611 Escape to Host
IA-02 Identification and Authentication (organizational Users) Protects T1562.004 Disable or Modify System Firewall
IA-02 Identification and Authentication (organizational Users) Protects T1556 Modify Authentication Process
IA-05 Authenticator Management Protects T1556 Modify Authentication Process
IA-02 Identification and Authentication (organizational Users) Protects T1552 Unsecured Credentials
IA-03 Device Identification and Authentication Protects T1552 Unsecured Credentials
IA-04 Identifier Management Protects T1552 Unsecured Credentials
IA-05 Authenticator Management Protects T1552 Unsecured Credentials
IA-02 Identification and Authentication (organizational Users) Protects T1548 Abuse Elevation Control Mechanism
IA-02 Identification and Authentication (organizational Users) Protects T1212 Exploitation for Credential Access
IA-02 Identification and Authentication (organizational Users) Protects T1651 Cloud Administration Command
IA-05 Authenticator Management Protects T1098.006 Additional Container Cluster Roles
IA-02 Identification and Authentication (organizational Users) Protects T1059.009 Cloud API
IA-05 Authenticator Management Protects T1021.008 Direct Cloud VM Connections
IA-02 Identification and Authentication (organizational Users) Protects T1021.008 Direct Cloud VM Connections
IA-05 Authenticator Management Protects T1021.007 Cloud Services
IA-02 Identification and Authentication (organizational Users) Protects T1021.007 Cloud Services
IA-02 Identification and Authentication (organizational Users) Protects T1562 Impair Defenses
IA-04 Identifier Management Protects T1562 Impair Defenses
IA-05 Authenticator Management Protects T1555 Credentials from Password Stores
IA-03 Device Identification and Authentication Protects T1552.005 Cloud Instance Metadata API
IA-04 Identifier Management Protects T1552.005 Cloud Instance Metadata API
IA-05 Authenticator Management Protects T1212 Exploitation for Credential Access
IA-12 Identity Proofing Protects T1078 Valid Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1078 Valid Accounts
IA-05 Authenticator Management Protects T1078 Valid Accounts
IA-12 Identity Proofing Protects T1078.004 Cloud Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1078.004 Cloud Accounts
IA-05 Authenticator Management Protects T1078.004 Cloud Accounts
IA-02 Identification and Authentication (organizational Users) Protects T1072 Software Deployment Tools
IA-05 Authenticator Management Protects T1072 Software Deployment Tools
IA-02 Identification and Authentication (organizational Users) Protects T1040 Network Sniffing
IA-05 Authenticator Management Protects T1040 Network Sniffing
IA-09 Service Identification and Authentication Protects T1036 Masquerading
IA-09 Service Identification and Authentication Protects T1036 Masquerading
IA-02 Identification and Authentication (organizational Users) Protects T1003.007 Proc Filesystem
IA-05 Authenticator Management Protects T1003.007 Proc Filesystem
IA-02 Identification and Authentication (organizational Users) Protects T1021 Remote Services
IA-05 Authenticator Management Protects T1021 Remote Services
IA-02 Identification and Authentication (organizational Users) Protects T1053.006 Systemd Timers
IA-02 Identification and Authentication (organizational Users) Protects T1098 Account Manipulation
IA-02 Identification and Authentication (organizational Users) Protects T1098.003 Additional Cloud Roles
IA-05 Authenticator Management Protects T1098.003 Additional Cloud Roles
IA-02 Identification and Authentication (organizational Users) Protects T1098.004 SSH Authorized Keys
IA-05 Authenticator Management Protects T1098.004 SSH Authorized Keys
IA-02 Identification and Authentication (organizational Users) Protects T1134.001 Token Impersonation/Theft
IA-02 Identification and Authentication (organizational Users) Protects T1134.002 Create Process with Token
IA-02 Identification and Authentication (organizational Users) Protects T1134.003 Make and Impersonate Token
IA-02 Identification and Authentication (organizational Users) Protects T1136.001 Local Account
IA-05 Authenticator Management Protects T1136.001 Local Account
IA-02 Identification and Authentication (organizational Users) Protects T1136.003 Cloud Account
IA-05 Authenticator Management Protects T1136.003 Cloud Account
IA-02 Identification and Authentication (organizational Users) Protects T1539 Steal Web Session Cookie
IA-05 Authenticator Management Protects T1539 Steal Web Session Cookie

Capabilities

Capability ID Capability Name Number of Mappings
IA-08 Identification and Authentication (non-organizational Users) 20
IA-02 Identification and Authentication (organizational Users) 168
IA-12 Identity Proofing 4
IA-06 Authentication Feedback 8
IA-11 Re-authentication 7
IA-03 Device Identification and Authentication 8
IA-04 Identifier Management 33
IA-07 Cryptographic Module Authentication 12
IA-05 Authenticator Management 70
IA-09 Service Identification and Authentication 23