NIST 800-53 SI-15 Mappings

Certain types of attacks, including SQL injections, produce output results that are unexpected or inconsistent with the output results that would be expected from software programs or applications. Information output filtering focuses on detecting extraneous content, preventing such extraneous content from being displayed, and then alerting monitoring tools that anomalous behavior has been discovered.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
SI-15 Information Output Filtering Protects T1021.002 SMB/Windows Admin Shares
SI-15 Information Output Filtering Protects T1021.005 VNC
SI-15 Information Output Filtering Protects T1048 Exfiltration Over Alternative Protocol
SI-15 Information Output Filtering Protects T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol
SI-15 Information Output Filtering Protects T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
SI-15 Information Output Filtering Protects T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
SI-15 Information Output Filtering Protects T1071.004 DNS
SI-15 Information Output Filtering Protects T1090 Proxy
SI-15 Information Output Filtering Protects T1090.003 Multi-hop Proxy
SI-15 Information Output Filtering Protects T1095 Non-Application Layer Protocol
SI-15 Information Output Filtering Protects T1187 Forced Authentication
SI-15 Information Output Filtering Protects T1197 BITS Jobs
SI-15 Information Output Filtering Protects T1205 Traffic Signaling
SI-15 Information Output Filtering Protects T1205.001 Port Knocking
SI-15 Information Output Filtering Protects T1218.012 Verclsid
SI-15 Information Output Filtering Protects T1219 Remote Access Software
SI-15 Information Output Filtering Protects T1498 Network Denial of Service
SI-15 Information Output Filtering Protects T1498.001 Direct Network Flood
SI-15 Information Output Filtering Protects T1498.002 Reflection Amplification
SI-15 Information Output Filtering Protects T1499 Endpoint Denial of Service
SI-15 Information Output Filtering Protects T1499.001 OS Exhaustion Flood
SI-15 Information Output Filtering Protects T1499.002 Service Exhaustion Flood
SI-15 Information Output Filtering Protects T1499.003 Application Exhaustion Flood
SI-15 Information Output Filtering Protects T1499.004 Application or System Exploitation
SI-15 Information Output Filtering Protects T1530 Data from Cloud Storage Object
SI-15 Information Output Filtering Protects T1537 Transfer Data to Cloud Account
SI-15 Information Output Filtering Protects T1552 Unsecured Credentials
SI-15 Information Output Filtering Protects T1552.005 Cloud Instance Metadata API
SI-15 Information Output Filtering Protects T1557 Man-in-the-Middle
SI-15 Information Output Filtering Protects T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay
SI-15 Information Output Filtering Protects T1557.002 ARP Cache Poisoning
SI-15 Information Output Filtering Protects T1570 Lateral Tool Transfer
SI-15 Information Output Filtering Protects T1572 Protocol Tunneling
SI-15 Information Output Filtering Protects T1599 Network Boundary Bridging
SI-15 Information Output Filtering Protects T1599.001 Network Address Translation Traversal
SI-15 Information Output Filtering Protects T1602 Data from Configuration Repository
SI-15 Information Output Filtering Protects T1602.001 SNMP (MIB Dump)
SI-15 Information Output Filtering Protects T1602.002 Network Device Configuration Dump