IA-11: Re-authentication

From NIST's SP800-53:

Require users to re-authenticate when [Assignment: organization-defined circumstances or situations requiring re-authentication].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Search:

Control ID	Description
PR.AC-1	Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes
PR.AC-7	Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)

Showing 1 to 2 of 2 entries

See which MITRE ATT&CK techniques this control helps to protect against.

Search:

ATT&CK ID	Title	Associated Tactics
T1110.001	Password Guessing	Credential Access
T1556.006	Multi-Factor Authentication	Credential Access, Defense Evasion, Persistence
T1110.003	Password Spraying	Credential Access
T1110.002	Password Cracking	Credential Access
T1110	Brute Force	Credential Access
T1110.004	Credential Stuffing	Credential Access
T1556.007	Hybrid Identity	Credential Access, Defense Evasion, Persistence

Showing 1 to 7 of 7 entries