SA-22: Unsupported System Components
From NIST's SP800-53:
a. Replace system components when support for the components is no longer available from the developer, vendor, or manufacturer; or b. Provide the following options for alternative sources for continued support for unsupported components [Selection (one or more): in-house support; [Assignment: organization-defined support from external providers]].
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1543.002 | Systemd Service | Persistence, Privilege Escalation |
| T1195.001 | Compromise Software Dependencies and Development Tools | Initial Access |
| T1543 | Create or Modify System Process | Persistence, Privilege Escalation |
| T1189 | Drive-by Compromise | Initial Access |
| T1195.002 | Compromise Software Supply Chain | Initial Access |
| T1195 | Supply Chain Compromise | Initial Access |