IA-9: Service Identification and Authentication

From NIST's SP800-53:

Uniquely identify and authenticate [Assignment: organization-defined system services and applications] before establishing communications with devices, users, or other services or applications.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

SP800-53 Control Mapped to NIST Cyber Security Framework

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Control ID	Description
PR.AC-7	Users, devices, and other assets are authenticated (e.g., single-factor, multi-factor) commensurate with the risk of the transaction (e.g., individuals’ security and privacy risks and other organizational risks)
PR.AC-1	Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users and processes

MITRE ATT&CK Techniques

See which MITRE ATT&CK techniques this control helps to protect against.

ATT&CK ID	Title	Associated Tactics
T1598.003	Spearphishing Link	Reconnaissance
T1059.002	AppleScript	Execution
T1059	Command and Scripting Interpreter	Execution
T1525	Implant Internal Image	Persistence
T1036	Masquerading	Defense Evasion
T1036.005	Match Legitimate Name or Location	Defense Evasion
T1546	Event Triggered Execution	Persistence, Privilege Escalation
T1213.003	Code Repositories	Collection
T1554	Compromise Client Software Binary	Persistence
T1553.004	Install Root Certificate	Defense Evasion
T1553	Subvert Trust Controls	Defense Evasion
T1566.002	Spearphishing Link	Initial Access
T1546.006	LC_LOAD_DYLIB Addition	Persistence, Privilege Escalation
T1566.001	Spearphishing Attachment	Initial Access
T1059.001	PowerShell	Execution
T1036.001	Invalid Code Signature	Defense Evasion
T1598.002	Spearphishing Attachment	Reconnaissance
T1566	Phishing	Initial Access
T1562.009	Safe Mode Boot	Defense Evasion
T1546.013	PowerShell Profile	Persistence, Privilege Escalation
T1562.006	Indicator Blocking	Defense Evasion
T1598	Phishing for Information	Reconnaissance