SI-8: Spam Protection
From NIST's SP800-53:
a. Employ spam protection mechanisms at system entry and exit points to detect and act on unsolicited messages; and b. Update spam protection mechanisms when new releases are available in accordance with organizational configuration management policy and procedures.
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
SP800-53 Control Mapped to NIST Cyber Security Framework
Generated from NISTs SP800-53/CSF Crosswalk mappings.
| Control ID | Description |
|---|---|
| DE.CM-4 | Malicious code is detected |
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1204.003 | Malicious Image | Execution |
| T1137.002 | Office Test | Persistence |
| T1137.004 | Outlook Home Page | Persistence |
| T1204.001 | Malicious Link | Execution |
| T1137.003 | Outlook Forms | Persistence |
| T1566.001 | Spearphishing Attachment | Initial Access |
| T1137.001 | Office Template Macros | Persistence |
| T1137.006 | Add-ins | Persistence |
| T1566.003 | Spearphishing via Service | Initial Access |
| T1221 | Template Injection | Defense Evasion |
| T1598.001 | Spearphishing Service | Reconnaissance |
| T1598.003 | Spearphishing Link | Reconnaissance |
| T1598 | Phishing for Information | Reconnaissance |
| T1137 | Office Application Startup | Persistence |
| T1204.002 | Malicious File | Execution |
| T1566 | Phishing | Initial Access |
| T1137.005 | Outlook Rules | Persistence |
| T1204 | User Execution | Execution |
| T1566.002 | Spearphishing Link | Initial Access |
| T1598.002 | Spearphishing Attachment | Reconnaissance |