Home/Compliance/Audit answer
Audit

Compliance audit answer

For a whole framework: every control, the ATT&CK techniques it defends, and whether you can detect them
This is the one-page answer to "are my controls actually backed by detection?". For each control in the framework it shows the ATT&CK techniques the control maps to, and marks each technique detectable when a real rule (Sigma, CAR, IDS, YARA, Falco) covers it, or a gap when nothing does. Honest by construction: control-to-technique links come only from the published mappings, and a technique counts as detectable only if a real rule maps to it. Controls with no ATT&CK mapping are shown as such, not hidden. Export the full matrix for your auditor below.
NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)
60
CRI Profile controls
60
controls with ATT&CK mapping
430
distinct techniques defended
290
of those, detectable
67%
overall detection coverage
Export matrix (CSV) Export (JSON) the artifact to hand an auditor

Coverage by control family

11 families
FamilyControlsMappedTechniquesDetectableCoverage
DE.AE 1 1 81 57 70%
DE.CM 10 10 202 142 70%
EX.DD 1 1 10 8 80%
EX.MM 1 1 11 6 54%
ID.AM 2 2 25 17 68%
ID.IM 1 1 15 9 60%
ID.RA 1 1 11 11 100%
PR.AA 10 10 226 165 73%
PR.DS 6 6 39 28 71%
PR.IR 10 10 219 154 70%
PR.PS 17 17 309 212 68%

Control-by-control coverage

60 controls
DE.AE-02.01 Event analysis and detection 57/81 detectable
T1001.001T1001.002T1027.012T1027.013T1027.014T1036.008T1048.002T1071.002T1071.003T1071.005T1080T1104T1132.002T1204.003T1218.015T1542.004T1542.005T1557.004T1566.003T1573.001T1573.002T1602T1602.001T1602.002T1001T1001.003T1008T1027T1027.002T1027.009T1029T1030T1036T1041T1048T1048.001T1048.003T1059T1059.001T1059.005T1059.006T1068T1071T1071.001T1071.004T1090T1090.001T1090.002T1095T1102T1102.001T1102.002T1102.003T1105T1132T1132.001T1189T1203T1204T1204.001T1204.002T1210T1211T1212T1218T1218.010T1218.011T1219T1221T1557T1557.001T1557.002T1557.003T1566T1566.001T1568T1568.002T1570T1571T1572T1573
DE.CM-01.01 Intrusion detection and prevention 30/41 detectable
T1001.001T1001.002T1036.008T1071.002T1071.003T1071.005T1132.002T1204.003T1557.004T1573.001T1573.002T1001T1001.003T1030T1036T1048T1071T1071.001T1071.004T1090T1090.001T1090.002T1102T1102.001T1102.002T1102.003T1132T1132.001T1204T1204.001T1221T1557T1557.001T1557.002T1557.003T1566T1566.001T1568T1568.002T1572T1573
DE.CM-01.02 Network traffic volume monitoring 4/8 detectable
T1498.001T1498.002T1499.002T1499.003T1498T1499T1499.001T1499.004
DE.CM-01.03 Unauthorized network connections and data transfers 11/14 detectable
T1048.002T1104T1599T1008T1030T1041T1048T1048.001T1048.003T1090T1095T1102T1571T1572
DE.CM-01.04 Unauthorized device connection 1/3 detectable
T1052T1052.001T1200
DE.CM-01.05 Website and service blocking 20/22 detectable
T1566.003T1659T1059T1059.005T1059.007T1102T1102.001T1102.002T1102.003T1189T1204T1204.001T1204.002T1218T1218.001T1528T1539T1550T1555.003T1566T1566.001T1566.002
DE.CM-03.03 Privileged account monitoring 29/41 detectable
T1053.006T1053.007T1098.002T1098.006T1098.007T1543.005T1548.006T1556.001T1556.005T1556.007T1606.001T1651T1047T1053T1053.002T1053.005T1072T1078T1078.001T1078.002T1078.003T1078.004T1098T1098.001T1098.003T1098.004T1098.005T1190T1210T1543T1543.002T1543.003T1543.004T1548T1548.002T1548.003T1556T1556.004T1556.006T1606T1606.002
DE.CM-06.02 Third-party access monitoring 57/73 detectable
T1003.007T1003.008T1056.003T1059.008T1098.002T1548.006T1555.006T1556.001T1556.003T1556.007T1558.001T1558.002T1563T1563.001T1599T1651T1003T1003.001T1003.002T1003.003T1003.004T1003.005T1003.006T1021T1021.001T1021.002T1021.003T1021.006T1021.007T1047T1059.001T1059.009T1072T1078T1078.002T1078.003T1078.004T1098T1098.001T1098.003T1134T1134.001T1134.002T1134.003T1136.001T1136.002T1136.003T1190T1210T1218T1484T1484.002T1505T1548T1548.002T1548.003T1550T1550.002T1550.003T1552T1552.002T1552.007T1555T1556T1556.004T1558T1558.003T1563.002T1569T1599.001T1606T1606.002T1609
DE.CM-09.01 Software and data integrity checking 31/46 detectable
T1036.001T1127.002T1176T1204.003T1213.004T1542T1542.004T1542.005T1546.006T1547.013T1553.006T1556.001T1601T1601.001T1601.002T1003T1003.001T1036T1036.005T1059T1059.001T1059.002T1127T1195T1195.001T1495T1505T1505.001T1505.002T1505.004T1525T1537T1539T1542.001T1542.003T1543T1543.002T1543.003T1546.013T1547.002T1547.005T1547.008T1554T1556T1574T1574.001
DE.CM-09.02 Hardware integrity checking 4/8 detectable
T1195.003T1542T1542.002T1600.002T1091T1495T1542.001T1562.001
DE.CM-09.03 Unauthorized software, hardware, or configuration changes 5/7 detectable
T1542.002T1601T1495T1542.001T1543T1556T1562
EX.DD-04.01 Third-party systems and software evaluation 8/10 detectable
T1036.001T1542.002T1036T1072T1190T1195T1195.001T1195.002T1210T1554
EX.MM-01.01 Third-party monitoring and management resources 6/11 detectable
T1195.003T1530T1601T1601.001T1601.002T1195T1195.001T1195.002T1199T1525T1554
ID.AM-08.03 Data governance and lifecycle management 17/25 detectable
T1020.001T1070.002T1070.008T1114.002T1213.004T1530T1557.004T1558.005T1003T1003.003T1040T1070T1070.001T1114T1114.001T1114.003T1119T1548T1550.001T1552T1552.004T1557T1558T1565.001T1565.002
ID.AM-08.05 Data destruction procedures 17/25 detectable
T1020.001T1070.002T1070.008T1114.002T1213.004T1530T1557.004T1558.005T1003T1003.003T1040T1070T1070.001T1114T1114.001T1114.003T1119T1548T1550.001T1552T1552.004T1557T1558T1565.001T1565.002
ID.IM-02.06 Accurate data recovery 9/15 detectable
T1485.001T1491T1491.002T1498.001T1498.002T1561T1485T1486T1490T1491.001T1498T1561.001T1561.002T1565T1565.001
ID.RA-01.03 Vulnerability management 11/11 detectable
T1072T1190T1195T1195.001T1195.002T1203T1210T1211T1212T1495T1574
PR.AA-01.01 Identity and credential management 126/175 detectable
T1003.007T1003.008T1020.001T1021.008T1036.010T1053.006T1053.007T1059.008T1098.002T1098.006T1110.003T1110.004T1114.002T1213.001T1213.002T1213.004T1485.001T1530T1538T1543.005T1547.012T1547.013T1548.005T1556.001T1556.003T1556.005T1556.007T1556.009T1558.001T1558.002T1558.004T1562.004T1562.007T1562.008T1562.012T1563T1563.001T1566.003T1578.001T1578.002T1578.005T1599T1601T1601.001T1601.002T1648T1654T1657T1666T1003T1003.001T1003.002T1003.003T1003.004T1003.005T1003.006T1006T1021T1021.001T1021.002T1021.004T1021.007T1036T1040T1047T1048T1053T1053.002T1053.003T1053.005T1059T1072T1078T1078.001T1078.002T1078.003T1078.004T1087T1087.004T1098T1098.001T1098.003T1098.004T1098.005T1110T1110.001T1110.002T1114T1133T1134T1134.001T1134.002T1134.003T1134.005T1136T1136.001T1136.002T1136.003T1185T1187T1195T1197T1199T1201T1213T1213.003T1484T1484.001T1484.002T1485T1489T1490T1505T1505.003T1528T1537T1539T1543T1543.002T1543.003T1543.004T1546T1546.003T1546.011T1547T1547.004T1547.006T1547.009T1548T1548.002T1550T1550.001T1550.002T1550.003T1552T1552.001T1552.002T1552.004T1552.006T1552.007T1555T1555.001T1555.003T1555.005T1556T1556.004T1556.006T1558T1558.003T1562T1562.001T1562.002T1562.006T1563.002T1566T1566.001T1566.002T1569T1569.001T1574T1574.005T1574.010T1574.012T1578T1578.003T1580T1599.001T1606T1606.002T1609T1610T1613T1619T1621T1649
PR.AA-01.02 Physical and logical access 40/52 detectable
T1020.001T1059.008T1098.006T1530T1538T1543.005T1547.012T1547.013T1548.005T1563T1578.005T1657T1003T1006T1021T1047T1072T1078T1078.001T1078.002T1078.003T1078.004T1087T1087.004T1098T1098.001T1098.003T1098.004T1110T1134T1134.001T1134.002T1134.003T1197T1213T1537T1543T1543.002T1547.004T1547.006T1547.009T1548T1555.003T1555.005T1556T1556.004T1558T1562T1578T1580T1609T1619
PR.AA-02.01 Authentication of identity 20/24 detectable
T1098.006T1110.003T1110.004T1556.001T1021T1021.001T1021.004T1021.007T1078T1078.001T1087.001T1087.002T1098T1098.001T1098.003T1098.005T1110T1110.001T1136T1136.001T1136.002T1136.003T1556T1586.003
PR.AA-03.01 Authentication requirements 40/52 detectable
T1059.008T1098.006T1110.003T1110.004T1530T1556.001T1556.007T1599T1601T1601.001T1601.002T1651T1003T1003.001T1021T1021.001T1021.004T1021.007T1072T1078T1078.001T1078.002T1078.003T1078.004T1098T1098.001T1098.003T1098.005T1110T1110.001T1110.002T1114T1133T1136T1136.001T1136.002T1136.003T1187T1213T1539T1550T1552T1555T1555.005T1556T1556.004T1556.006T1558T1593.003T1599.001T1609T1649
PR.AA-03.03 Email verification mechanisms 6/10 detectable
T1114.002T1598T1598.002T1598.003T1114T1114.001T1114.003T1566T1566.001T1566.002
PR.AA-04.01 Access control within and across security perimeters 5/5 detectable
T1087.004T1098T1213T1548T1565
PR.AA-05.01 Access privilege limitation 28/31 detectable
T1562.009T1562.012T1601T1021T1037T1037.001T1087.004T1098T1133T1134T1134.001T1134.002T1134.003T1200T1484T1484.002T1505T1525T1547.009T1552.007T1557T1562T1565T1574T1574.011T1574.012T1578T1580T1609T1610T1613
PR.AA-05.02 Privileged system access 98/130 detectable
T1003.007T1003.008T1053.006T1053.007T1056.003T1059.008T1098.002T1098.006T1110.003T1110.004T1114.002T1530T1542T1542.005T1548.006T1553.006T1555.006T1556.001T1556.003T1556.005T1556.007T1558.001T1558.002T1562.009T1563T1563.001T1599T1601T1601.001T1601.002T1612T1651T1003.006T1021T1021.001T1021.002T1021.003T1021.004T1021.006T1021.007T1040T1047T1053T1053.002T1053.005T1055T1055.008T1056T1059T1059.001T1059.009T1072T1078T1078.001T1078.002T1078.003T1078.004T1098T1098.001T1098.003T1098.005T1110T1110.001T1110.002T1114T1133T1134T1134.001T1134.002T1134.003T1136T1136.001T1136.002T1136.003T1190T1199T1210T1213T1213.003T1218T1218.007T1222T1222.001T1222.002T1484T1484.002T1485T1495T1505T1505.001T1505.002T1505.004T1525T1539T1542.001T1542.003T1543T1543.002T1546T1546.003T1547T1547.006T1548T1548.002T1548.003T1550T1550.002T1550.003T1552T1552.002T1552.007T1553T1555T1556T1556.004T1556.006T1558T1558.003T1559T1559.001T1562T1563.002T1569T1569.002T1599.001T1606T1606.002T1609T1611T1621
PR.AA-05.03 Service accounts 18/22 detectable
T1558.001T1558.002T1563T1563.001T1021T1021.002T1021.003T1021.006T1021.007T1078T1078.002T1098T1190T1210T1484T1484.002T1548T1558T1558.003T1559T1559.001T1563.002
PR.AA-05.04 Third-party access management 5/7 detectable
T1110.003T1110.004T1078T1078.004T1110T1110.001T1199
PR.DS-01.01 Data-at-rest protection 11/12 detectable
T1530T1003.003T1005T1040T1041T1048.003T1213T1550.001T1557T1557.002T1565.001T1565.002
PR.DS-01.02 Data loss prevention 5/11 detectable
T1020.001T1025T1048.002T1052T1052.001T1567.004T1005T1041T1048T1048.003T1537
PR.DS-01.03 Removable media protection 2/4 detectable
T1025T1092T1030T1200
PR.DS-02.01 Data-in-transit protection 6/6 detectable
T1040T1550T1550.001T1550.002T1550.003T1565.002
PR.DS-10.01 Data-in-use protection 12/17 detectable
T1025T1052T1052.001T1530T1602T1005T1020T1040T1041T1048T1070T1119T1213T1537T1565T1565.001T1567
PR.DS-11.01 Data backup and replication 7/9 detectable
T1485.001T1561T1485T1486T1490T1561.001T1561.002T1565T1565.001
PR.IR-01.01 Network segmentation 33/40 detectable
T1048.002T1563T1565.003T1602T1602.001T1602.002T1612T1021.001T1021.003T1021.006T1040T1046T1048T1048.001T1048.003T1072T1095T1098T1098.001T1133T1136T1136.002T1136.003T1190T1199T1210T1482T1489T1552T1552.005T1552.007T1557T1557.001T1557.002T1557.003T1563.002T1565T1571T1610T1613
PR.IR-01.02 Network device configurations 29/39 detectable
T1048.002T1071.005T1218.012T1530T1542T1542.005T1602T1602.001T1602.002T1612T1021T1021.001T1021.003T1021.005T1021.006T1048T1048.001T1048.003T1071T1071.004T1095T1133T1187T1197T1218T1219T1537T1552T1552.005T1552.007T1557T1557.001T1557.002T1557.003T1563.002T1572T1609T1610T1613
PR.IR-01.03 Network communications integrity and availability 67/95 detectable
T1001.001T1001.002T1048.002T1071.002T1071.003T1071.005T1104T1132.002T1204.003T1205.002T1218.012T1498.001T1498.002T1499.002T1499.003T1530T1542T1542.004T1542.005T1557.004T1563T1573.001T1573.002T1599T1602T1602.001T1602.002T1612T1001T1001.003T1008T1021T1021.001T1021.002T1021.005T1029T1030T1041T1046T1048T1048.001T1048.003T1071T1071.001T1071.004T1090T1090.001T1090.002T1090.003T1095T1102T1102.001T1102.002T1102.003T1105T1132T1132.001T1133T1187T1197T1200T1204T1204.001T1205T1205.001T1218T1219T1221T1498T1499T1499.001T1499.004T1537T1546T1546.008T1552T1552.005T1552.007T1557T1557.001T1557.002T1557.003T1563.002T1566T1566.001T1568T1568.002T1570T1571T1572T1573T1599.001T1609T1610T1613
PR.IR-01.04 Wireless network protection 17/20 detectable
T1048.002T1573.001T1573.002T1021T1021.001T1021.002T1021.003T1021.006T1040T1046T1048T1048.001T1048.003T1095T1098T1200T1570T1571T1572T1573
PR.IR-01.05 Remote access protection 53/75 detectable
T1021.008T1098.002T1098.006T1110.003T1110.004T1542T1542.005T1548.006T1556.001T1556.003T1556.005T1556.007T1558.001T1558.002T1563T1563.001T1601T1601.001T1601.002T1612T1648T1651T1021T1021.001T1021.002T1021.003T1021.004T1021.005T1021.006T1021.007T1078T1078.001T1078.002T1078.004T1098T1098.001T1098.003T1110T1110.001T1133T1136T1136.001T1136.002T1136.003T1199T1484T1484.001T1484.002T1542.001T1542.003T1543T1543.002T1546T1546.003T1547.006T1548T1548.002T1548.003T1550T1552T1552.002T1552.007T1556T1556.004T1556.006T1558T1558.003T1563.002T1569T1569.002T1606T1606.002T1609T1611T1621
PR.IR-01.06 Production environment segregation 66/78 detectable
T1059.008T1098.002T1542T1542.005T1548.006T1553.006T1555.006T1563T1599T1602T1602.001T1602.002T1021T1021.001T1021.002T1021.003T1021.006T1021.007T1046T1059T1059.001T1059.009T1072T1095T1098T1098.001T1098.003T1133T1134T1134.001T1134.002T1134.003T1136T1136.001T1136.002T1136.003T1190T1199T1200T1210T1218T1218.007T1495T1505T1505.001T1505.002T1505.004T1542.001T1542.003T1543T1543.002T1546T1546.003T1546.008T1547.006T1548T1548.002T1548.003T1550T1550.002T1550.003T1552T1552.002T1552.005T1552.007T1553T1555T1557T1557.001T1557.002T1559T1559.001T1563.002T1599.001T1606T1606.002T1609T1611
PR.IR-01.08 End-user device access 13/19 detectable
T1027.012T1027.013T1027.014T1036.008T1080T1564.012T1006T1027T1027.002T1027.009T1027.010T1036T1059T1059.001T1059.005T1059.006T1221T1547.006T1564
PR.IR-03.01 Alternative resilience mechanisms 13/23 detectable
T1020.001T1025T1048.002T1052T1052.001T1485.001T1491T1491.002T1561T1567.004T1005T1020T1041T1048T1048.003T1485T1486T1490T1491.001T1537T1561.001T1561.002T1567
PR.IR-04.01 Utilization monitoring 30/36 detectable
T1048.002T1071.005T1104T1599T1602T1602.002T1008T1020T1021T1021.002T1021.005T1030T1041T1046T1048T1048.003T1071T1071.001T1071.004T1090T1090.003T1095T1102T1133T1498T1499T1552.005T1552.007T1557T1557.001T1557.002T1557.003T1567T1571T1572T1573
PR.IR-04.02 Availability and capacity management 7/12 detectable
T1498.001T1498.002T1499.002T1499.003T1561T1485T1486T1498T1499T1499.004T1561.001T1561.002
PR.PS-01.01 Configuration baselines 60/89 detectable
T1011T1011.001T1027.012T1027.013T1027.014T1036.008T1092T1213.001T1213.002T1213.004T1213.005T1535T1542.005T1543.005T1550.004T1556.008T1562.003T1562.009T1562.010T1564.012T1566.003T1598T1598.002T1598.003T1602T1602.001T1602.002T1606.001T1666T1003T1003.001T1003.002T1003.005T1021.001T1027T1027.002T1027.009T1027.010T1036T1036.007T1053T1053.002T1053.005T1059T1059.001T1059.005T1059.006T1087T1087.001T1087.002T1098T1135T1136T1136.002T1137T1137.002T1197T1213T1213.003T1221T1490T1537T1539T1543T1543.003T1546.008T1547.006T1548T1548.001T1548.003T1552T1552.003T1553T1553.004T1555.005T1556T1556.002T1559T1559.002T1562T1562.006T1563.002T1564T1564.002T1566T1566.001T1566.002T1574.006T1606
PR.PS-01.02 Least functionality 48/71 detectable
T1011T1011.001T1092T1213.001T1213.002T1213.004T1213.005T1535T1542.005T1543.005T1550.004T1556.008T1562.003T1562.009T1562.010T1598T1598.002T1598.003T1602T1602.001T1602.002T1606.001T1666T1003T1003.001T1003.002T1003.005T1021.001T1036.007T1053T1053.002T1053.005T1087T1087.001T1087.002T1098T1135T1136T1136.002T1137T1137.002T1197T1213T1213.003T1490T1537T1539T1543T1543.003T1546.008T1548T1548.001T1548.003T1552T1552.003T1553T1553.004T1555.005T1556T1556.002T1559T1559.002T1562T1562.006T1563.002T1564.002T1566T1566.001T1566.002T1574.006T1606
PR.PS-01.03 Configuration deviation 70/101 detectable
T1011T1011.001T1036.001T1092T1127.002T1204.003T1213.004T1535T1542T1542.004T1542.005T1543.005T1546.006T1550.004T1553.006T1556.008T1562.003T1562.009T1562.010T1563T1598T1598.002T1598.003T1601T1601.001T1601.002T1602T1602.001T1602.002T1606.001T1666T1003T1003.001T1003.002T1003.005T1021T1021.001T1036T1036.005T1036.007T1053T1053.002T1053.005T1059T1059.001T1059.002T1087T1087.001T1087.002T1098T1127T1135T1136T1136.002T1137T1137.002T1195T1197T1204T1213T1490T1495T1505T1505.001T1505.002T1505.004T1525T1537T1539T1542.001T1542.003T1543T1543.003T1546T1546.008T1546.013T1548T1548.001T1548.002T1548.003T1552T1552.003T1553T1553.004T1554T1555.005T1556T1556.002T1559T1559.002T1562T1562.006T1563.002T1564T1564.002T1566T1566.002T1574T1574.006T1590.002T1606
PR.PS-01.04 Time services and synchronization 2/4 detectable
T1497.003T1498.002T1070.006T1547.003
PR.PS-01.05 Encryption standards 17/28 detectable
T1020.001T1070.002T1114.002T1530T1558.002T1558.004T1563.001T1602T1602.001T1602.002T1659T1040T1070T1070.001T1098.004T1114T1114.001T1213T1552T1552.004T1557T1557.002T1558T1558.003T1565T1565.001T1565.002T1649
PR.PS-01.06 Encryption management practices 17/28 detectable
T1020.001T1070.002T1114.002T1530T1558.002T1558.004T1563.001T1602T1602.001T1602.002T1659T1040T1070T1070.001T1098.004T1114T1114.001T1213T1552T1552.004T1557T1557.002T1558T1558.003T1565T1565.001T1565.002T1649
PR.PS-01.07 Cryptographic keys and certificates 56/78 detectable
T1020.001T1070.002T1098.002T1098.006T1110.003T1110.004T1114.002T1530T1556.001T1556.003T1556.007T1558.002T1558.004T1558.005T1599T1601T1601.001T1601.002T1602T1602.001T1602.002T1659T1003T1003.001T1003.003T1020T1021T1021.001T1021.004T1021.007T1040T1070T1070.001T1072T1078T1078.002T1078.003T1078.004T1098T1098.001T1098.003T1098.005T1110T1110.001T1110.002T1114T1114.001T1114.003T1119T1133T1136T1136.001T1136.002T1136.003T1199T1213T1213.003T1485T1539T1547T1547.008T1550T1550.001T1552T1552.004T1556T1556.004T1556.006T1557T1557.002T1558T1558.003T1565T1565.001T1565.002T1599.001T1621T1649
PR.PS-01.08 End-user device protection 64/92 detectable
T1027.012T1027.013T1027.014T1036.008T1048.002T1052T1052.001T1071.005T1080T1205.002T1218.012T1498.001T1498.002T1499.002T1499.003T1530T1542T1542.005T1563T1564.012T1566.003T1574.002T1574.013T1599T1602T1602.001T1602.002T1612T1021T1021.001T1021.002T1021.005T1027T1027.002T1027.009T1027.010T1036T1048T1048.001T1048.003T1059T1059.001T1059.005T1059.006T1071T1071.004T1090T1090.003T1091T1095T1133T1187T1190T1197T1200T1205T1205.001T1218T1219T1221T1498T1499T1499.001T1499.004T1537T1546T1546.008T1547T1547.006T1552T1552.005T1552.007T1557T1557.001T1557.002T1557.003T1563.002T1564T1566.001T1570T1572T1574T1574.001T1574.006T1574.007T1574.008T1574.009T1574.012T1599.001T1609T1610T1613
PR.PS-01.09 Virtualized end point protection 23/32 detectable
T1027.006T1080T1204.003T1578.001T1578.002T1578.004T1578.005T1612T1651T1021.002T1039T1068T1098T1129T1189T1190T1203T1204T1210T1211T1212T1213T1485T1525T1552.001T1562T1564.006T1567T1570T1578T1578.003T1611
PR.PS-02.01 Patch identification and application 26/34 detectable
T1137.004T1137.005T1176T1542T1574.002T1602T1602.001T1602.002T1068T1072T1137T1137.003T1189T1190T1195T1195.001T1195.002T1210T1211T1212T1495T1539T1542.001T1546T1546.010T1546.011T1548T1548.002T1550.002T1552.006T1555T1555.003T1555.005T1574
PR.PS-05.01 Malware prevention 13/18 detectable
T1027.013T1027.014T1036.008T1080T1566.003T1027T1027.002T1027.009T1027.010T1036T1059T1059.001T1059.005T1059.006T1221T1547.006T1566T1566.001
PR.PS-05.02 Mobile code prevention 40/55 detectable
T1036.001T1036.008T1055.002T1055.004T1055.005T1055.013T1055.014T1127.002T1137.001T1137.004T1137.005T1218.004T1218.012T1218.015T1548.004T1021T1021.003T1036T1036.005T1047T1055T1055.001T1055.003T1055.008T1055.009T1055.011T1055.012T1059T1059.001T1059.002T1059.005T1059.006T1059.007T1137T1137.002T1137.003T1137.006T1189T1190T1203T1210T1211T1212T1218.001T1218.002T1218.003T1218.005T1218.008T1218.009T1218.013T1218.014T1548T1559T1559.001T1559.002
PR.PS-05.03 Email and message service protection 5/10 detectable
T1071.003T1566.003T1566.004T1598T1598.003T1204.001T1204.002T1566T1566.001T1566.002
PR.PS-06.01 Secure SDLC process 15/21 detectable
T1496.003T1559.003T1564.009T1564.012T1574.002T1647T1078T1078.001T1078.002T1078.003T1078.004T1195T1195.001T1212T1550T1550.001T1559T1564T1574T1593T1593.003
PR.PS-06.05 Testing and validation strategy 9/10 detectable
T1036.001T1068T1127T1190T1203T1210T1211T1212T1505T1554
PR.PS-06.06 Vulnerability remediation 13/18 detectable
T1137.004T1137.005T1176T1542T1542.002T1068T1137T1137.003T1190T1195T1195.001T1195.002T1203T1210T1211T1212T1495T1542.001
PR.PS-06.07 Development and operational process alignment 13/18 detectable
T1496.003T1559.003T1564.009T1564.012T1647T1078T1195T1195.001T1212T1496T1550T1550.001T1559T1564T1574T1574.001T1593T1593.003
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin