The Cybersecurity and Infrastructure Security Agency (CISA) generates security alerts and advisories to maintain situational awareness throughout the Federal Government. Security directives are issued by OMB or other designated organizations with the responsibility and authority to issue such directives. Compliance with security directives is essential due to the critical nature of many of these directives and the potential (immediate) adverse effects on organizational operations and assets, individuals, other organizations, and the Nation should the directives not be implemented in a timely manner. External organizations include supply chain partners, external mission or business partners, external service providers, and other peer or supporting organizations.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| SI-5 | Security Alerts, Advisories, and Directives | Protects | T1068 | Exploitation for Privilege Escalation |
| SI-5 | Security Alerts, Advisories, and Directives | Protects | T1210 | Exploitation of Remote Services |
| SI-5 | Security Alerts, Advisories, and Directives | Protects | T1211 | Exploitation for Defense Evasion |
| SI-5 | Security Alerts, Advisories, and Directives | Protects | T1212 | Exploitation for Credential Access |