Home/Compliance
nist-800-53

NIST 800-53. Security Controls

10 controls · cross-mapped to ATT&CK techniques
Translate between regulatory language and what attackers actually do. Each control maps to MITRE ATT&CK techniques; open a control to see those techniques and whether we hold detection coverage for them.
NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)
1246
Total controls
0%
Detection coverage
0
Covered controls
1246
Coverage gaps
▤ Export audit (CSV) Coverage report Self-assessment Show gaps only
▶ Check your own detection coverage

Paste the ATT&CK technique IDs you have Sigma/YARA rules for (one per line, e.g. T1059, T1190). The controls below will update to show YOUR coverage instead of ours.

Red team insight A nist-800-53 compliant org should have detection for the green-tagged techniques below. Controls showing no technique coverage are likely blind spots. Use gaps view to enumerate unmonitored attack paths.

Controls

10 shown of 10
CP-09
System Backup
family CP framework nist-800-53
ATT&CK techniques this control defends against   ✓ covered by Sigma/YARA in our corpus  × = detection gap
T1003 · OS Credential Dumping T1003.003 · NTDS T1005 · Data from Local System× T1025 · Data from Removable Media T1070 · Indicator Removal T1070.001 · Clear Windows Event Logs× T1070.002 · Clear Linux or Mac System Logs× T1070.008 · Clear Mailbox Data T1119 · Automated Collection T1485 · Data Destruction× T1485.001 · Lifecycle-Triggered Deletion T1486 · Data Encrypted for Impact T1490 · Inhibit System Recovery× T1491 · Defacement T1491.001 · Internal Defacement× T1491.002 · External Defacement× T1561 · Disk Wipe T1561.001 · Disk Content Wipe T1561.002 · Disk Structure Wipe T1565 · Data Manipulation T1565.001 · Stored Data Manipulation× T1565.003 · Runtime Data Manipulation
CP-9
System Backup
Conduct backups of user-level information contained in {{ insert: param, cp-09_odp.01 }} {{ insert: param, cp-09_odp.02 }}; Conduct backups of system-level information contained in the system {{ insert: param, cp-09_odp.03 }}; Conduct backups of system documentation, including security- and privacy-related documentation {{ insert: param, cp-09_odp.04 }} ; and Protect the confidentiality, integrity, and availability of backup information.
family CP framework nist-800-53
Equivalent controls in other frameworks  click any to see its ATT&CK technique mappings
iso-27001-2022: A.8.13 ↗iso-27001-2022: A.8.14 ↗soc2-tsc: A1.2 ↗soc2-tsc: A1.3 ↗soc2-tsc: CC7.5 ↗
CP-9.1
Testing for Reliability and Integrity
Test backup information {{ insert: param, cp-9.1_prm_1 }} to verify media reliability and information integrity.
family CP framework nist-800-53
CP-9.2
Test Restoration Using Sampling
Use a sample of backup information in the restoration of selected system functions as part of contingency plan testing.
family CP framework nist-800-53
CP-9.3
Separate Storage for Critical Information
Store backup copies of {{ insert: param, cp-09.03_odp }} in a separate facility or in a fire rated container that is not collocated with the operational system.
family CP framework nist-800-53
CP-9.4
Protection from Unauthorized Modification
family CP framework nist-800-53
CP-9.5
Transfer to Alternate Storage Site
Transfer system backup information to the alternate storage site {{ insert: param, cp-9.5_prm_1 }}.
family CP framework nist-800-53
CP-9.6
Redundant Secondary System
Conduct system backup by maintaining a redundant secondary system that is not collocated with the primary system and that can be activated without loss of information or disruption to operations.
family CP framework nist-800-53
CP-9.7
Dual Authorization for Deletion or Destruction
Enforce dual authorization for the deletion or destruction of {{ insert: param, cp-09.07_odp }}.
family CP framework nist-800-53
CP-9.8
Cryptographic Protection
Implement cryptographic mechanisms to prevent unauthorized disclosure and modification of {{ insert: param, cp-09.08_odp }}.
family CP framework nist-800-53
Showing 1-10 of 10
Prev 1 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin