NIST 800-53

National Institute of Standards in Technology (NIST) Special Publication 800-53 provides a catalog of security and privacy controls for the protection of information systems and organizations from a diverse set of threats and risks. These mappings provide resources for security control coverage against real-world threats as described in the MITRE ATT&CK® knowledge base and provide a foundation for integrating ATT&CK-based threat information into the risk management process.

ID	Capability Group Name	Number of Mappings	Number of Capabilities
AC	Access Control	1075	18
CA	Security Assessment and Authorization	250	3
CM	Configuration Management	946	8
CP	Contingency Planning	60	5
IA	Identification and Authentication	305	10
MP	Media Protection	5	1
PL	Planning	2	1
RA	Risk Assessment	114	3
SA	System and Services Acquisition	88	10
SC	System and Communications Protection	420	27

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
AC-10	Concurrent Session Control	Protects	T1137	Office Application Startup
AC-10	Concurrent Session Control	Protects	T1137.002	Office Test
AC-10	Concurrent Session Control	Protects	T1528	Steal Application Access Token
AC-11	Device Lock	Protects	T1021.001	Remote Desktop Protocol
AC-11	Device Lock	Protects	T1563.002	RDP Hijacking
AC-12	Session Termination	Protects	T1021.001	Remote Desktop Protocol
AC-12	Session Termination	Protects	T1072	Software Deployment Tools
AC-12	Session Termination	Protects	T1563.002	RDP Hijacking
AC-14	Permitted Actions Without Identification or Authentication	Protects	T1137.002	Office Test
AC-16	Security and Privacy Attributes	Protects	T1003	OS Credential Dumping

NIST 800-53

Download Mapping Artifacts:

SELECT VERSIONS

Capability Groups

All Mappings