AttackIQ Validates NIST 800-53 Security Controls Against MITRE ATT&CK
Verifying effective compliance and aligning preeminent cybersecurity frameworks
SANTA CLARA, Calif. — AttackIQ announced that its Security Optimization Platform can test the NIST 800-53 family of security controls against the MITRE ATT&CK framework, measuring security control effectiveness and providing security teams with real data about compliance. In addition to NIST 800-53 compliance, the platform can now test security controls under the U.S. Department of Defense Cybersecurity Maturity Model (CMMC).
In making these product innovations, AttackIQ is building on the work of MITRE Engenuity’s Center for Threat-Informed Defense, which released an important body of research mapping the MITRE ATT&CK matrix to the NIST 800-53 family of security controls. As a result, security leaders can now align the known threat behaviors of ATT&CK to measure and test security effectiveness against NIST 800-53. AttackIQ uses this research to provide organizations with increased certainty about their compliance effectiveness with NIST 800-53 and the DoD CMMC.