ISO 27001:2022 — Compliance Controls · threatengine.sh

Home/Compliance

iso-27001-2022

ISO 27001:2022. Security Controls

1 controls · cross-mapped to ATT&CK techniques

Translate between regulatory language and what attackers actually do. Each control maps to MITRE ATT&CK techniques; open a control to see those techniques and whether we hold detection coverage for them.

NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)

93

Total controls

0%

Detection coverage

0

Covered controls

93

Coverage gaps

▤ Export audit (CSV) Coverage report Self-assessment Show gaps only

▶ Check your own detection coverage

Paste the ATT&CK technique IDs you have Sigma/YARA rules for (one per line, e.g. T1059, T1190). The controls below will update to show YOUR coverage instead of ours.

Red team insight A iso-27001-2022 compliant org should have detection for the green-tagged techniques below. Controls showing no technique coverage are likely blind spots. Use gaps view to enumerate unmonitored attack paths.

▤

Controls

1 shown of 1

A.5.14

Information transfer

medium

family Organizational framework iso-27001-2022

ATT&CK techniques this control defends against ✓ covered by Sigma/YARA in our corpus × = detection gap

× T1020.001 · Traffic Duplication ✓ T1021 · Remote Services ✓ T1021.001 · Remote Desktop Protocol ✓ T1021.004 · SSH ✓ T1021.007 · Cloud Services × T1021.008 · Direct Cloud VM Connections ✓ T1041 · Exfiltration Over C2 Channel ✓ T1048 · Exfiltration Over Alternative Protocol × T1048.002 · Exfiltration Over Asymmetric Encrypted Non-C2 Protocol ✓ T1048.003 · Exfiltration Over Unencrypted Non-C2 Protocol × T1052 · Exfiltration Over Physical Medium × T1052.001 · Exfiltration over USB × T1070.008 · Clear Mailbox Data ✓ T1072 · Software Deployment Tools ✓ T1078.002 · Domain Accounts ✓ T1078.004 · Cloud Accounts ✓ T1098.001 · Additional Cloud Credentials × T1098.002 · Additional Email Delegate Permissions ✓ T1098.003 · Additional Cloud Roles ✓ T1098.004 · SSH Authorized Keys ✓ T1098.005 · Device Registration ✓ T1110 · Brute Force ✓ T1110.001 · Password Guessing ✓ T1110.002 · Password Cracking × T1110.003 · Password Spraying × T1110.004 · Credential Stuffing × T1111 · Multi-Factor Authentication Interception ✓ T1114 · Email Collection ✓ T1114.001 · Local Email Collection × T1114.002 · Remote Email Collection ✓ T1114.003 · Email Forwarding Rule ✓ T1119 · Automated Collection ✓ T1133 · External Remote Services ✓ T1134.005 · SID-History Injection ✓ T1136 · Create Account ✓ T1136.001 · Local Account ✓ T1136.002 · Domain Account ✓ T1136.003 · Cloud Account ✓ T1200 · Hardware Additions ✓ T1505.005 · Terminal Services DLL

Equivalent controls in other frameworks click any to see its ATT&CK technique mappings

nist-800-53: AC-20 ↗nist-800-53: CA-3 ↗nist-800-53: SC-8 ↗

Showing 1-1 of 1

Prev 1 Next

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin