AC-23: Data Mining Protection

From NIST's SP800-53:

Employ [Assignment: organization-defined data mining prevention and detection techniques] for [Assignment: organization-defined data storage objects] to detect and protect against unauthorized data mining.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

ATT&CK ID Title Associated Tactics
T1025 Data from Removable Media Collection
T1213.002 Sharepoint Collection
T1213 Data from Information Repositories Collection
T1041 Exfiltration Over C2 Channel Exfiltration
T1048 Exfiltration Over Alternative Protocol Exfiltration
T1052 Exfiltration Over Physical Medium Exfiltration
T1052.001 Exfiltration over USB Exfiltration
T1133 External Remote Services Initial Access, Persistence
T1005 Data from Local System Collection
T1567 Exfiltration Over Web Service Exfiltration
T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol Exfiltration
T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol Exfiltration
T1213.001 Confluence Collection
T1552.007 Container API Credential Access