SC-17: Public Key Infrastructure Certificates

From NIST's SP800-53:

a. Issue public key certificates under an [Assignment: organization-defined certificate policy] or obtain public key certificates from an approved service provider; and b. Include only approved trust anchors in trust stores or certificate stores managed by the organization.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

ATT&CK ID	Title	Associated Tactics
T1606	Forge Web Credentials	Credential Access
T1072	Software Deployment Tools	Execution, Lateral Movement