This repository contains a collection of existing mappings of cyber security controls. Two type of mappings are included, both to MITRE ATT&CK's TTPs and to controls from other frameworks. Both types are presented in their respective folders, where the original source mappings are included.
These mappings can be used to understand the relationships between various security controls and between security controls and attack techniques. Some creators tried to create their mappings in such a way that implementing one control will contribute to implementing the other, like CIS. NIST denotes that one should not assume there is a one-to-one relationship between controls, some controls might not be equal and implement either a subset or a superset of the other control. For this reason, CIS has specified the mapping relationship in their documents.
Control Set | MITRE ATT&CK Version | File | Reference | Comments |
---|---|---|---|---|
NIST SP 800-53 rev. 5 | 12.1 | file | https://github.com/center-for-threat-informed-defense/attack-control-framework-mappings | |
CIS Controls v8 | 8.2 | file | https://www.cisecurity.org/controls/cis-controls-navigator | Exported from CIS Controls Navigator |
CIS Controls v7.1 | 8.2 | file | https://www.cisecurity.org/controls/cis-controls-navigator | Exported from CIS Controls Navigator |
I've altered the spreadsheet to a standard format and removed columns aside from only the mappings themselves. This way they can be interpreted better by (custom) parsers and/or tooling. There are also new mappings created by combining the existing direct mappings from above.
At the moment I am not sure if I can publicly share these altered mappings, might come soon.
The CIS Critical Security Controls Navigator is a free tool with a dynamic list of the CIS Safeguards that can be filtered by Implementation Groups and mappings to multiple frameworks.