SA-16: Developer-provided Training

From NIST's SP800-53:

Require the developer of the system, system component, or system service to provide the following training on the correct use and operation of the implemented security and privacy functions, controls, and/or mechanisms: [Assignment: organization-defined training].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Search:

Control ID	Description
PR.AT-3	Third-party stakeholders (e.g., suppliers, customers, partners) understand their roles and responsibilities

Showing 1 to 1 of 1 entries

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

Search:

ATT&CK ID	Title	Associated Tactics
T1078.003	Local Accounts	Defense Evasion, Initial Access, Persistence, Privilege Escalation
T1078.004	Cloud Accounts	Defense Evasion, Initial Access, Persistence, Privilege Escalation
T1078	Valid Accounts	Defense Evasion, Initial Access, Persistence, Privilege Escalation
T1078.001	Default Accounts	Defense Evasion, Initial Access, Persistence, Privilege Escalation
T1574.002	DLL Side-Loading	Defense Evasion, Persistence, Privilege Escalation

Showing 1 to 5 of 5 entries