SI-10: Information Input Validation

From NIST's SP 800-53:

Check the validity of the following information inputs: [Assignment: organization-defined information inputs to the system].

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

| ATT&CK ID | Title | Associated Tactics |
| --- | --- | --- |
| T1095 | Non-Application Layer Protocol | Command and Control |
| T1127 | Trusted Developer Utilities Proxy Execution | Defense Evasion |
| T1499.001 | OS Exhaustion Flood | Impact |
| T1553.003 | SIP and Trust Provider Hijacking | Defense Evasion |
| T1602.001 | SNMP (MIB Dump) | Collection |
| T1557.002 | ARP Cache Poisoning | Collection, Credential Access |
| T1071.004 | DNS | Command and Control |
| T1537 | Transfer Data to Cloud Account | Exfiltration |
| T1572 | Protocol Tunneling | Command and Control |
| T1498.001 | Direct Network Flood | Impact |
| T1059.008 | Network Device CLI | Execution |
| T1599.001 | Network Address Translation Traversal | Defense Evasion |
| T1021.002 | SMB/Windows Admin Shares | Lateral Movement |
| T1204 | User Execution | Execution |
| T1574.013 | KernelCallbackTable | Defense Evasion, Persistence, Privilege Escalation |
| T1080 | Taint Shared Content | Lateral Movement |
| T1574 | Hijack Execution Flow | Defense Evasion, Persistence, Privilege Escalation |
| T1090.003 | Multi-hop Proxy | Command and Control |
| T1574.007 | Path Interception by PATH Environment Variable | Defense Evasion, Persistence, Privilege Escalation |
| T1220 | XSL Script Processing | Defense Evasion |
| T1176 | Browser Extensions | Persistence |
| T1574.012 | COR_PROFILER | Defense Evasion, Persistence, Privilege Escalation |
| T1218.013 | Mavinject | Defense Evasion |
| T1218.004 | InstallUtil | Defense Evasion |
| T1574.001 | DLL Search Order Hijacking | Defense Evasion, Persistence, Privilege Escalation |
| T1546.002 | Screensaver | Persistence, Privilege Escalation |
| T1059 | Command and Scripting Interpreter | Execution |
| T1499 | Endpoint Denial of Service | Impact |
| T1546.009 | AppCert DLLs | Persistence, Privilege Escalation |
| T1197 | BITS Jobs | Defense Evasion, Persistence |
| T1059.007 | JavaScript | Execution |
| T1218.008 | Odbcconf | Defense Evasion |
| T1204.002 | Malicious File | Execution |
| T1602.002 | Network Device Configuration Dump | Collection |
| T1219 | Remote Access Software | Command and Control |
| T1129 | Shared Modules | Execution |
| T1048.002 | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Exfiltration |
| T1574.009 | Path Interception by Unquoted Path | Defense Evasion, Persistence, Privilege Escalation |
| T1553.001 | Gatekeeper Bypass | Defense Evasion |
| T1036.005 | Match Legitimate Name or Location | Defense Evasion |
| T1553.005 | Mark-of-the-Web Bypass | Defense Evasion |
| T1218.011 | Rundll32 | Defense Evasion |
| T1498 | Network Denial of Service | Impact |
| T1552 | Unsecured Credentials | Credential Access |
| T1187 | Forced Authentication | Credential Access |
| T1218.014 | MMC | Defense Evasion |
| T1221 | Template Injection | Defense Evasion |
| T1570 | Lateral Tool Transfer | Lateral Movement |
| T1048 | Exfiltration Over Alternative Protocol | Exfiltration |
| T1599 | Network Boundary Bridging | Defense Evasion |
| T1059.002 | AppleScript | Execution |
| T1547.006 | Kernel Modules and Extensions | Persistence, Privilege Escalation |
| T1216.001 | PubPrn | Defense Evasion |
| T1059.004 | Unix Shell | Execution |
| T1557 | Adversary-in-the-Middle | Collection, Credential Access |
| T1059.001 | PowerShell | Execution |
| T1498.002 | Reflection Amplification | Impact |
| T1059.005 | Visual Basic | Execution |
| T1218 | System Binary Proxy Execution | Defense Evasion |
| T1609 | Container Administration Command | Execution |
| T1499.002 | Service Exhaustion Flood | Impact |
| T1602 | Data from Configuration Repository | Collection |
| T1546.010 | AppInit DLLs | Persistence, Privilege Escalation |
| T1218.010 | Regsvr32 | Defense Evasion |
| T1218.003 | CMSTP | Defense Evasion |
| T1190 | Exploit Public-Facing Application | Initial Access |
| T1048.001 | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Exfiltration |
| T1574.008 | Path Interception by Search Order Hijacking | Defense Evasion, Persistence, Privilege Escalation |
| T1216 | System Script Proxy Execution | Defense Evasion |
| T1218.005 | Mshta | Defense Evasion |
| T1036 | Masquerading | Defense Evasion |
| T1059.006 | Python | Execution |
| T1553 | Subvert Trust Controls | Defense Evasion |
| T1574.006 | Dynamic Linker Hijacking | Defense Evasion, Persistence, Privilege Escalation |
| T1552.005 | Cloud Instance Metadata API | Credential Access |
| T1546.006 | LC_LOAD_DYLIB Addition | Persistence, Privilege Escalation |
| T1218.009 | Regsvcs/Regasm | Defense Evasion |
| T1059.003 | Windows Command Shell | Execution |
| T1547.004 | Winlogon Helper DLL | Persistence, Privilege Escalation |
| T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay | Collection, Credential Access |
| T1218.001 | Compiled HTML File | Defense Evasion |
| T1622 | Debugger Evasion | Defense Evasion, Discovery |
| T1218.012 | Verclsid | Defense Evasion |
| T1546.008 | Accessibility Features | Persistence, Privilege Escalation |
| T1557.003 | DHCP Spoofing | Collection, Credential Access |
| T1021.005 | VNC | Lateral Movement |
| T1499.004 | Application or System Exploitation | Impact |
| T1499.003 | Application Exhaustion Flood | Impact |
| T1218.002 | Control Panel | Defense Evasion |
| T1048.003 | Exfiltration Over Unencrypted Non-C2 Protocol | Exfiltration |
| T1564.006 | Run Virtual Instance | Defense Evasion |
| T1564.003 | Hidden Window | Defense Evasion |
| T1090 | Proxy | Command and Control |
| T1530 | Data from Cloud Storage | Collection |
| T1564.009 | Resource Forking | Defense Evasion |