Home/Compliance
nist-800-53

NIST 800-53. Security Controls

35 controls · cross-mapped to ATT&CK techniques
Translate between regulatory language and what attackers actually do. Each control maps to MITRE ATT&CK techniques; open a control to see those techniques and whether we hold detection coverage for them.
NIST 800-53 (1246)NIST CSF (106)ISO 27001:2022 (93)PCI-DSS v4.0 (75)CIS v8.1 (62)CRI Profile (60)CSA CCM v4 (57)SOC 2 TSC (57)OWASP API (10)OWASP Mobile (10)OWASP Web (10)
1246
Total controls
0%
Detection coverage
0
Covered controls
1246
Coverage gaps
▤ Export audit (CSV) Coverage report Self-assessment Show gaps only
▶ Check your own detection coverage

Paste the ATT&CK technique IDs you have Sigma/YARA rules for (one per line, e.g. T1059, T1190). The controls below will update to show YOUR coverage instead of ours.

Red team insight A nist-800-53 compliant org should have detection for the green-tagged techniques below. Controls showing no technique coverage are likely blind spots. Use gaps view to enumerate unmonitored attack paths.

Controls

35 shown of 35
SA-08
Security and Privacy Engineering Principles
family SA framework nist-800-53
ATT&CK techniques this control defends against   ✓ covered by Sigma/YARA in our corpus  × = detection gap
T1005 · Data from Local System× T1025 · Data from Removable Media T1041 · Exfiltration Over C2 Channel T1048 · Exfiltration Over Alternative Protocol× T1048.002 · Exfiltration Over Asymmetric Encrypted Non-C2 Protocol T1048.003 · Exfiltration Over Unencrypted Non-C2 Protocol× T1052 · Exfiltration Over Physical Medium× T1052.001 · Exfiltration over USB T1078 · Valid Accounts T1078.001 · Default Accounts T1078.003 · Local Accounts T1078.004 · Cloud Accounts T1134.005 · SID-History Injection T1190 · Exploit Public-Facing Application T1213.003 · Code Repositories T1482 · Domain Trust Discovery× T1559.003 · XPC Services T1567 · Exfiltration Over Web Service× T1574.002 · DLL Side-Loading× T1647 · Plist File Modification
SA-8
Security and Privacy Engineering Principles
Apply the following systems security and privacy engineering principles in the specification, design, development, implementation, and modification of the system and system components: {{ insert: param, sa-8_prm_1 }}.
family SA framework nist-800-53
Equivalent controls in other frameworks  click any to see its ATT&CK technique mappings
iso-27001-2022: A.5.6 ↗iso-27001-2022: A.8.25 ↗iso-27001-2022: A.8.26 ↗iso-27001-2022: A.8.27 ↗
SA-8.1
Clear Abstractions
Implement the security design principle of clear abstractions.
family SA framework nist-800-53
SA-8.10
Hierarchical Trust
Implement the security design principle of hierarchical trust in {{ insert: param, sa-08.10_odp }}.
family SA framework nist-800-53
SA-8.11
Inverse Modification Threshold
Implement the security design principle of inverse modification threshold in {{ insert: param, sa-08.11_odp }}.
family SA framework nist-800-53
SA-8.12
Hierarchical Protection
Implement the security design principle of hierarchical protection in {{ insert: param, sa-08.12_odp }}.
family SA framework nist-800-53
SA-8.13
Minimized Security Elements
Implement the security design principle of minimized security elements in {{ insert: param, sa-08.13_odp }}.
family SA framework nist-800-53
SA-8.14
Least Privilege
Implement the security design principle of least privilege in {{ insert: param, sa-08.14_odp }}.
family SA framework nist-800-53
SA-8.15
Predicate Permission
Implement the security design principle of predicate permission in {{ insert: param, sa-08.15_odp }}.
family SA framework nist-800-53
SA-8.16
Self-reliant Trustworthiness
Implement the security design principle of self-reliant trustworthiness in {{ insert: param, sa-08.16_odp }}.
family SA framework nist-800-53
SA-8.17
Secure Distributed Composition
Implement the security design principle of secure distributed composition in {{ insert: param, sa-08.17_odp }}.
family SA framework nist-800-53
SA-8.18
Trusted Communications Channels
Implement the security design principle of trusted communications channels in {{ insert: param, sa-08.18_odp }}.
family SA framework nist-800-53
SA-8.19
Continuous Protection
Implement the security design principle of continuous protection in {{ insert: param, sa-08.19_odp }}.
family SA framework nist-800-53
SA-8.2
Least Common Mechanism
Implement the security design principle of least common mechanism in {{ insert: param, sa-08.02_odp }}.
family SA framework nist-800-53
SA-8.20
Secure Metadata Management
Implement the security design principle of secure metadata management in {{ insert: param, sa-08.20_odp }}.
family SA framework nist-800-53
SA-8.21
Self-analysis
Implement the security design principle of self-analysis in {{ insert: param, sa-08.21_odp }}.
family SA framework nist-800-53
SA-8.22
Accountability and Traceability
Implement the security design principle of accountability and traceability in {{ insert: param, sa-8.22_prm_1 }}.
family SA framework nist-800-53
SA-8.23
Secure Defaults
Implement the security design principle of secure defaults in {{ insert: param, sa-08.23_odp }}.
family SA framework nist-800-53
SA-8.24
Secure Failure and Recovery
Implement the security design principle of secure failure and recovery in {{ insert: param, sa-8.24_prm_1 }}.
family SA framework nist-800-53
SA-8.25
Economic Security
Implement the security design principle of economic security in {{ insert: param, sa-08.25_odp }}.
family SA framework nist-800-53
SA-8.26
Performance Security
Implement the security design principle of performance security in {{ insert: param, sa-08.26_odp }}.
family SA framework nist-800-53
SA-8.27
Human Factored Security
Implement the security design principle of human factored security in {{ insert: param, sa-08.27_odp }}.
family SA framework nist-800-53
SA-8.28
Acceptable Security
Implement the security design principle of acceptable security in {{ insert: param, sa-08.28_odp }}.
family SA framework nist-800-53
SA-8.29
Repeatable and Documented Procedures
Implement the security design principle of repeatable and documented procedures in {{ insert: param, sa-08.29_odp }}.
family SA framework nist-800-53
SA-8.3
Modularity and Layering
Implement the security design principles of modularity and layering in {{ insert: param, sa-8.3_prm_1 }}.
family SA framework nist-800-53
SA-8.30
Procedural Rigor
Implement the security design principle of procedural rigor in {{ insert: param, sa-08.30_odp }}.
family SA framework nist-800-53
SA-8.31
Secure System Modification
Implement the security design principle of secure system modification in {{ insert: param, sa-08.31_odp }}.
family SA framework nist-800-53
SA-8.32
Sufficient Documentation
Implement the security design principle of sufficient documentation in {{ insert: param, sa-08.32_odp }}.
family SA framework nist-800-53
SA-8.33
Minimization
Implement the privacy principle of minimization using {{ insert: param, sa-08.33_odp }}.
family SA framework nist-800-53
SA-8.4
Partially Ordered Dependencies
Implement the security design principle of partially ordered dependencies in {{ insert: param, sa-08.04_odp }}.
family SA framework nist-800-53
SA-8.5
Efficiently Mediated Access
Implement the security design principle of efficiently mediated access in {{ insert: param, sa-08.05_odp }}.
family SA framework nist-800-53
SA-8.6
Minimized Sharing
Implement the security design principle of minimized sharing in {{ insert: param, sa-08.06_odp }}.
family SA framework nist-800-53
SA-8.7
Reduced Complexity
Implement the security design principle of reduced complexity in {{ insert: param, sa-08.07_odp }}.
family SA framework nist-800-53
SA-8.8
Secure Evolvability
Implement the security design principle of secure evolvability in {{ insert: param, sa-08.08_odp }}.
family SA framework nist-800-53
SA-8.9
Trusted Components
Implement the security design principle of trusted components in {{ insert: param, sa-08.09_odp }}.
family SA framework nist-800-53
Showing 1-35 of 35
Prev 1 Next
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh  ·  Open-source threat intelligence platform  ·  100+ authoritative sources  ·  Every fact traces to its origin