Compliance audit answer

Audit

For a whole framework: every control, the ATT&CK techniques it defends, and whether you can detect them

This is the one-page answer to "are my controls actually backed by detection?". For each control in the framework it shows the ATT&CK techniques the control maps to, and marks each technique detectable when a real rule (Sigma, CAR, IDS, YARA, Falco) covers it, or a gap when nothing does. Honest by construction: control-to-technique links come only from the published mappings, and a technique counts as detectable only if a real rule maps to it. Controls with no ATT&CK mapping are shown as such, not hidden. Export the full matrix for your auditor below.

NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)

NIST CSF has 106 controls loaded, but no published control-to-ATT&CK mapping has been ingested for this framework yet.
We do not fabricate mappings. The authoritative ATT&CK technique coverage we can show today is for NIST 800-53 (and CSA CCM, CRI Profile). For NIST CSF, the controls below are real and searchable, but their threat-technique coverage is not yet available here - it will be added once the official NIST 800-53 crosswalk for this framework is ingested. Until then, pivot to NIST 800-53 for technique-level coverage.

106

NIST CSF controls

controls with ATT&CK mapping

distinct techniques defended

of those, detectable

overall detection coverage

Export matrix (CSV) Export (JSON) the artifact to hand an auditor

▤

Coverage by control family

6 families

Family	Controls	Coverage
DE	11	0%
GV	31	0%
ID	21	0%
PR	22	0%
RC	8	0%
RS	13	0%

▤

Control-by-control coverage

106 controls

NIST 800-53 ATT&CK mappings are published at the base-control level (e.g. AC-18), so the 106 sub-control enhancements (AC-18.1, AC-18.2, …) carry no direct technique mapping - their coverage is inherited from the base control. They are hidden by default. show all controls including unmapped enhancements

DE.AE-02 Adverse Event Analysis enhancement of DE

DE.AE-03 Adverse Event Analysis enhancement of DE

DE.AE-04 Adverse Event Analysis enhancement of DE

DE.AE-06 Adverse Event Analysis enhancement of DE

DE.AE-07 Adverse Event Analysis enhancement of DE

DE.AE-08 Adverse Event Analysis enhancement of DE

DE.CM-01 Continuous Monitoring enhancement of DE

DE.CM-02 Continuous Monitoring enhancement of DE

DE.CM-03 Continuous Monitoring enhancement of DE

DE.CM-06 Continuous Monitoring enhancement of DE

DE.CM-09 Continuous Monitoring enhancement of DE

GV.OC-01 Organizational Context enhancement of GV

GV.OC-02 Organizational Context enhancement of GV

GV.OC-03 Organizational Context enhancement of GV

GV.OC-04 Organizational Context enhancement of GV

GV.OC-05 Organizational Context enhancement of GV

GV.OV-01 Oversight enhancement of GV

GV.OV-02 Oversight enhancement of GV

GV.OV-03 Oversight enhancement of GV

GV.PO-01 Policy enhancement of GV

GV.PO-02 Policy enhancement of GV

GV.RM-01 Risk Management Strategy enhancement of GV

GV.RM-02 Risk Management Strategy enhancement of GV

GV.RM-03 Risk Management Strategy enhancement of GV

GV.RM-04 Risk Management Strategy enhancement of GV

GV.RM-05 Risk Management Strategy enhancement of GV

GV.RM-06 Risk Management Strategy enhancement of GV

GV.RM-07 Risk Management Strategy enhancement of GV

GV.RR-01 Roles, Responsibilities, and Authorities enhancement of GV

GV.RR-02 Roles, Responsibilities, and Authorities enhancement of GV

GV.RR-03 Roles, Responsibilities, and Authorities enhancement of GV

GV.RR-04 Roles, Responsibilities, and Authorities enhancement of GV

GV.SC-01 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-02 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-03 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-04 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-05 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-06 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-07 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-08 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-09 Cybersecurity Supply Chain Risk Management enhancement of GV

GV.SC-10 Cybersecurity Supply Chain Risk Management enhancement of GV

ID.AM-01 Asset Management enhancement of ID

ID.AM-02 Asset Management enhancement of ID

ID.AM-03 Asset Management enhancement of ID

ID.AM-04 Asset Management enhancement of ID

ID.AM-05 Asset Management enhancement of ID

ID.AM-07 Asset Management enhancement of ID

ID.AM-08 Asset Management enhancement of ID

ID.IM-01 Improvement enhancement of ID

ID.IM-02 Improvement enhancement of ID

ID.IM-03 Improvement enhancement of ID

ID.IM-04 Improvement enhancement of ID

ID.RA-01 Risk Assessment enhancement of ID

ID.RA-02 Risk Assessment enhancement of ID

ID.RA-03 Risk Assessment enhancement of ID

ID.RA-04 Risk Assessment enhancement of ID

ID.RA-05 Risk Assessment enhancement of ID

ID.RA-06 Risk Assessment enhancement of ID

ID.RA-07 Risk Assessment enhancement of ID

ID.RA-08 Risk Assessment enhancement of ID

ID.RA-09 Risk Assessment enhancement of ID

ID.RA-10 Risk Assessment enhancement of ID

PR.AA-01 Identity Management, Authentication, and Access Control enhancement of PR

PR.AA-02 Identity Management, Authentication, and Access Control enhancement of PR

PR.AA-03 Identity Management, Authentication, and Access Control enhancement of PR

PR.AA-04 Identity Management, Authentication, and Access Control enhancement of PR

PR.AA-05 Identity Management, Authentication, and Access Control enhancement of PR

PR.AA-06 Identity Management, Authentication, and Access Control enhancement of PR

PR.AT-01 Awareness and Training enhancement of PR

PR.AT-02 Awareness and Training enhancement of PR

PR.DS-01 Data Security enhancement of PR

PR.DS-02 Data Security enhancement of PR

PR.DS-10 Data Security enhancement of PR

PR.DS-11 Data Security enhancement of PR

PR.IR-01 Technology Infrastructure Resilience enhancement of PR

PR.IR-02 Technology Infrastructure Resilience enhancement of PR

PR.IR-03 Technology Infrastructure Resilience enhancement of PR

PR.IR-04 Technology Infrastructure Resilience enhancement of PR

PR.PS-01 Platform Security enhancement of PR

PR.PS-02 Platform Security enhancement of PR

PR.PS-03 Platform Security enhancement of PR

PR.PS-04 Platform Security enhancement of PR

PR.PS-05 Platform Security enhancement of PR

PR.PS-06 Platform Security enhancement of PR

RC.CO-03 Incident Recovery Communication enhancement of RC

RC.CO-04 Incident Recovery Communication enhancement of RC

RC.RP-01 Incident Recovery Plan Execution enhancement of RC

RC.RP-02 Incident Recovery Plan Execution enhancement of RC

RC.RP-03 Incident Recovery Plan Execution enhancement of RC

RC.RP-04 Incident Recovery Plan Execution enhancement of RC

RC.RP-05 Incident Recovery Plan Execution enhancement of RC

RC.RP-06 Incident Recovery Plan Execution enhancement of RC

RS.AN-03 Incident Analysis enhancement of RS

RS.AN-06 Incident Analysis enhancement of RS

RS.AN-07 Incident Analysis enhancement of RS

RS.AN-08 Incident Analysis enhancement of RS

RS.CO-02 Incident Response Reporting and Communication enhancement of RS

RS.CO-03 Incident Response Reporting and Communication enhancement of RS

RS.MA-01 Incident Management enhancement of RS

RS.MA-02 Incident Management enhancement of RS

RS.MA-03 Incident Management enhancement of RS

RS.MA-04 Incident Management enhancement of RS

RS.MA-05 Incident Management enhancement of RS

RS.MI-01 Incident Mitigation enhancement of RS

RS.MI-02 Incident Mitigation enhancement of RS

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin