SI-12: Information Management and Retention

From NIST's SP800-53:

Manage and retain information within the system and information output from the system in accordance with applicable laws, executive orders, directives, regulations, policies, standards, guidelines and operational requirements.

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NIST's SP800-53/CSF Crosswalk mappings.

| Control ID | Description |
|---|---|
| PR.IP-2 | A System Development Life Cycle to manage systems is implemented |

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1114 | Email Collection | Collection |
| T1558 | Steal or Forge Kerberos Tickets | Credential Access |
| T1602.001 | SNMP (MIB Dump) | Collection |
| T1114.002 | Remote Email Collection | Collection |
| T1040 | Network Sniffing | Credential Access, Discovery |
| T1558.004 | AS-REP Roasting | Credential Access |
| T1552 | Unsecured Credentials | Credential Access |
| T1020.001 | Traffic Duplication | Exfiltration |
| T1565.002 | Transmitted Data Manipulation | Impact |
| T1558.003 | Kerberoasting | Credential Access |
| T1565.001 | Stored Data Manipulation | Impact |
| T1548 | Abuse Elevation Control Mechanism | Defense Evasion, Privilege Escalation |
| T1557 | Adversary-in-the-Middle | Collection, Credential Access |
| T1070.001 | Clear Windows Event Logs | Defense Evasion |
| T1557.002 | ARP Cache Poisoning | Collection, Credential Access |
| T1070.008 | Clear Mailbox Data | Defense Evasion |
| T1550.001 | Application Access Token | Defense Evasion, Lateral Movement |
| T1003.003 | NTDS | Credential Access |
| T1548.004 | Elevated Execution with Prompt | Defense Evasion, Privilege Escalation |
| T1070 | Indicator Removal | Defense Evasion |
| T1530 | Data from Cloud Storage | Collection |
| T1003 | OS Credential Dumping | Credential Access |
| T1070.002 | Clear Linux or Mac System Logs | Defense Evasion |
| T1114.001 | Local Email Collection | Collection |
| T1114.003 | Email Forwarding Rule | Collection |
| T1119 | Automated Collection | Collection |
| T1602.002 | Network Device Configuration Dump | Collection |
| T1602 | Data from Configuration Repository | Collection |
| T1565 | Data Manipulation | Impact |
| T1552.004 | Private Keys | Credential Access |
| T1558.002 | Silver Ticket | Credential Access |