This report maps owasp-web-2021 controls to the MITRE ATT&CK techniques they address, then checks each technique against our detection corpus (Sigma, CAR, IDS, YARA, Falco). It shows, control by control, what attacks each control is meant to stop and whether those attacks are actually detectable today. Use it as the threat-informed backbone of an audit response or pentest report.