Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| RA-10 | Threat Hunting | Protects | T1068 | Exploitation for Privilege Escalation |
| RA-10 | Threat Hunting | Protects | T1190 | Exploit Public-Facing Application |
| RA-10 | Threat Hunting | Protects | T1195 | Supply Chain Compromise |
| RA-10 | Threat Hunting | Protects | T1195.001 | Compromise Software Dependencies and Development Tools |
| RA-10 | Threat Hunting | Protects | T1195.002 | Compromise Software Supply Chain |
| RA-10 | Threat Hunting | Protects | T1210 | Exploitation of Remote Services |
| RA-10 | Threat Hunting | Protects | T1211 | Exploitation for Defense Evasion |
| RA-10 | Threat Hunting | Protects | T1212 | Exploitation for Credential Access |
| RA-5 | Vulnerability Monitoring and Scanning | Protects | T1011.001 | Exfiltration Over Bluetooth |
| RA-5 | Vulnerability Monitoring and Scanning | Protects | T1021.001 | Remote Desktop Protocol |
Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| RA-10 | Threat Hunting | 8 |
| RA-5 | Vulnerability Monitoring and Scanning | 96 |
| RA-9 | Criticality Analysis | 10 |