175 mapped techniquesmax 13 frameworks per technique
COVERAGECompliance coverage map
Techniques ranked by how many compliance frameworks cite them. The top of the list is the highest-defensibility surface — buyers can trust these techniques because multiple regulations independently require coverage. Curated by Adam Lundqvist, Founder at SQUR.
Distribution
| Frameworks per technique | Count | Implication |
|---|---|---|
| 13 | 4 | Defensibility ceiling — buyers expect coverage |
| 12 | 6 | Defensibility ceiling — buyers expect coverage |
| 11 | 6 | Defensibility ceiling — buyers expect coverage |
| 10 | 6 | Defensibility ceiling — buyers expect coverage |
| 9 | 2 | Defensibility ceiling — buyers expect coverage |
| 8 | 5 | Defensibility ceiling — buyers expect coverage |
| 7 | 3 | Defensibility ceiling — buyers expect coverage |
| 6 | 5 | Defensibility ceiling — buyers expect coverage |
| 5 | 11 | Defensibility ceiling — buyers expect coverage |
| 4 | 12 | Multi-framework backing |
| 3 | 16 | Multi-framework backing |
| 2 | 24 | Two frameworks cite — corroboration starts |
| 1 | 75 | Single-framework only |
Top 25 most-mapped techniques
| Technique | Title | Frameworks | Controls | Frameworks citing |
|---|---|---|---|---|
| T1005 | Data from Local System | 13 | 71 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1068 | Exploitation for Privilege Escalation | 13 | 58 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1190 | Exploit Public-Facing Application | 13 | 45 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1071 | Application Layer Protocol | 13 | 41 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1041 | Exfiltration Over C2 Channel | 12 | 76 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS |
| T1003 | OS Credential Dumping | 12 | 67 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS |
| T1078 | Valid Accounts | 12 | 53 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS |
| T1027 | Obfuscated Files or Information | 12 | 50 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1486 | Data Encrypted for Impact | 12 | 42 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1083 | File and Directory Discovery | 12 | 33 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS |
| T1021 | Remote Services | 11 | 46 | CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1087 | Account Discovery | 11 | 34 | AI Act, CIS v8, DORA, ISO 27001, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1059 | Command and Scripting Interpreter | 11 | 27 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP |
| T1018 | Remote System Discovery | 11 | 20 | CIS v8, DORA, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1547 | Boot or Logon Autostart Execution | 11 | 19 | AI Act, CIS v8, DORA, GDPR, ISO 27001, NIS2, NIST CSF, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1485 | Data Destruction | 11 | 16 | AI Act, CIS v8, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS |
| T1133 | External Remote Services | 10 | 33 | CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, PCI DSS |
| T1490 | Inhibit System Recovery | 10 | 26 | AI Act, CIS v8, DORA, ISO 27001, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP, PCI DSS |
| T1071.001 | Web Protocols | 10 | 26 | CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, OWASP API, OWASP LLM, OWASP |
| T1547.001 | Registry Run Keys / Startup Folder | 10 | 19 | AI Act, CIS v8, DORA, GDPR, ISO 27001, NIS2, NIST CSF, OWASP LLM, OWASP, PCI DSS |
| T1566 | Phishing | 10 | 16 | AI Act, CIS v8, DORA, GDPR, ISO 27001, ISO 27701, NIS2, NIST CSF, PCI DSS, TIBER-EU |
| T1070.004 | File Deletion | 10 | 15 | AI Act, CIS v8, DORA, GDPR, ISO 27001, NIS2, NIST CSF, OWASP API, OWASP LLM, PCI DSS |
| T1046 | Network Service Discovery | 9 | 42 | CIS v8, DORA, GDPR, ISO 27001, NIS2, NIST CSF, OWASP API, OWASP, PCI DSS |
| T1039 | Data from Network Shared Drive | 9 | 14 | CIS v8, DORA, GDPR, ISO 27701, NIS2, OWASP LLM, OWASP, PCI DSS, TIBER-EU |
| T1021.001 | Remote Desktop Protocol | 8 | 22 | CIS v8, DORA, GDPR, ISO 27001, NIS2, NIST CSF, OWASP API, OWASP LLM |
Showing top 25 of 175. Full distribution above. Click any technique ID to see its detail page + linked compliance edges via EdgeNeighbours.