NIST 800-53 Controls to ATT&CK MappingsPublished Project
Large and complex security control frameworks such as NIST 800-53 do not relate to actionable TTPs in ATT&CK.
Create a comprehensive and open, curated set of mappings between 800-53 controls and ATT&CK techniques.
Defenders can quickly focus on understanding how the controls in use in their environment relate to adversary TTPs of interest to them.
Updated: 13 January 2022
ATT&CK Version 10
ATT&CK Version 9
ATT&CK Version 8
Funding Research Participants
Non-Profit Research Participants
This project created a comprehensive set of mappings between MITRE ATT&CK® and NIST Special Publication 800-53 with supporting documentation and resources. These mappings provide a critically important resource for organizations to assess their security control coverage against real-world threats as described in the ATT&CK knowledge base and provide a foundation for integrating ATT&CK-based threat information into the risk management process. With over 6,300 individual mappings between NIST 800-53 and ATT&CK, this resource greatly reduces the burden on the community to do their own baseline mappings– allowing organizations to focus their limited time and resources on understanding how controls map to threats in their specific environment.
NIST 800–53 Rev. 4 Mapping Overview