CSA CCM v4 — Compliance Controls · threatengine.sh

Home/Compliance

csa-ccm-4

CSA CCM v4. Security Controls

1 controls · cross-mapped to ATT&CK techniques

Translate between regulatory language and what attackers actually do. Each control maps to MITRE ATT&CK techniques; open a control to see those techniques and whether we hold detection coverage for them.

NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)

57

Total controls

0%

Detection coverage

0

Covered controls

57

Coverage gaps

▤ Export audit (CSV) Coverage report Self-assessment Show gaps only

▶ Check your own detection coverage

Paste the ATT&CK technique IDs you have Sigma/YARA rules for (one per line, e.g. T1059, T1190). The controls below will update to show YOUR coverage instead of ours.

Red team insight A csa-ccm-4 compliant org should have detection for the green-tagged techniques below. Controls showing no technique coverage are likely blind spots. Use gaps view to enumerate unmonitored attack paths.

▤

Controls

1 shown of 1

IAM-16

Authorization Mechanisms

family IAM framework csa-ccm-4

ATT&CK techniques this control defends against ✓ covered by Sigma/YARA in our corpus × = detection gap

✓ T1021.007 · Cloud Services × T1021.008 · Direct Cloud VM Connections ✓ T1059 · Command and Scripting Interpreter ✓ T1059.009 · Cloud API ✓ T1070 · Indicator Removal × T1070.008 · Clear Mailbox Data × T1074.002 · Remote Data Staging × T1080 · Taint Shared Content ✓ T1098 · Account Manipulation ✓ T1098.001 · Additional Cloud Credentials × T1098.002 · Additional Email Delegate Permissions ✓ T1098.003 · Additional Cloud Roles ✓ T1098.004 · SSH Authorized Keys ✓ T1098.005 · Device Registration × T1098.006 · Additional Container Cluster Roles ✓ T1136 · Create Account ✓ T1136.003 · Cloud Account × T1204.003 · Malicious Image ✓ T1213 · Data from Information Repositories ✓ T1484 · Domain or Tenant Policy Modification ✓ T1484.002 · Trust Modification ✓ T1485 · Data Destruction × T1485.001 · Lifecycle-Triggered Deletion ✓ T1486 · Data Encrypted for Impact ✓ T1490 · Inhibit System Recovery × T1491.002 · External Defacement ✓ T1496 · Resource Hijacking × T1496.001 · Compute Hijacking × T1496.002 · Bandwidth Hijacking × T1496.004 · Cloud Service Hijacking × T1530 · Data from Cloud Storage ✓ T1531 · Account Access Removal × T1535 · Unused/Unsupported Cloud Regions ✓ T1537 · Transfer Data to Cloud Account ✓ T1546 · Event Triggered Execution ✓ T1548 · Abuse Elevation Control Mechanism ✓ T1550 · Use Alternate Authentication Material ✓ T1552.005 · Cloud Instance Metadata API ✓ T1552.007 · Container API ✓ T1555 · Credentials from Password Stores

Showing 1-1 of 1

Prev 1 Next

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin