IA-8: Identification and Authentication (Non-organizational Users)

From NIST's SP800-53:

Uniquely identify and authenticate non-organizational users or processes acting on behalf of non-organizational users.

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NIST's SP800-53/CSF Crosswalk mappings.

| Control ID | Description |
|---|---|
| PR.AC-1 | Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes |
| PR.AC-6 | Identities are proofed and bound to credentials and asserted in interactions |
| PR.AC-7 | Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks) |

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1059.008 | Network Device CLI | Execution |
| T1542.001 | System Firmware | Defense Evasion, Persistence |
| T1213.002 | Sharepoint | Collection |
| T1059.001 | PowerShell | Execution |
| T1087.004 | Cloud Account | Discovery |
| T1059 | Command and Scripting Interpreter | Execution |
| T1542.003 | Bootkit | Defense Evasion, Persistence |
| T1528 | Steal Application Access Token | Credential Access |
| T1547.006 | Kernel Modules and Extensions | Persistence, Privilege Escalation |
| T1538 | Cloud Service Dashboard | Discovery |
| T1190 | Exploit Public-Facing Application | Initial Access |
| T1213 | Data from Information Repositories | Collection |
| T1213.001 | Confluence | Collection |
| T1210 | Exploitation of Remote Services | Lateral Movement |
| T1537 | Transfer Data to Cloud Account | Exfiltration |
| T1542.005 | TFTP Boot | Defense Evasion, Persistence |
| T1530 | Data from Cloud Storage | Collection |
| T1542 | Pre-OS Boot | Defense Evasion, Persistence |
| T1053 | Scheduled Task/Job | Execution, Persistence, Privilege Escalation |
| T1053.007 | Container Orchestration Job | Execution, Persistence, Privilege Escalation |