14 frameworks127 controls
CROSSWALKFramework crosswalk
14 compliance frameworks mapped to ATT&CK. Click a cell to see overlapping controls and shared techniques. Authored by Adam Lundqvist.
Cells coloured by Jaccard similarity of technique sets.
01
| DORA | ISO 27001 | PCI DSS v4 | CIS v8 | NIS2 | OWASP API Top 10 | OWASP LLM Top 10 | OWASP Top 10 | ISO 27701 | EU AI Act | GDPR | NIST CSF | EU CRA | TIBER-EU | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DORA | 0.40 | 0.36 | 0.48 | 0.54 | 0.23 | 0.31 | 0.33 | 0.29 | 0.26 | 0.45 | 0.46 | 0.19 | ||
| ISO 27001 | 0.40 | 0.33 | 0.53 | 0.44 | 0.30 | 0.29 | 0.34 | 0.28 | 0.25 | 0.40 | 0.36 | 0.14 | ||
| PCI DSS v4 | 0.36 | 0.33 | 0.41 | 0.41 | 0.33 | 0.35 | 0.33 | 0.39 | 0.40 | 0.30 | 0.33 | 0.29 | ||
| CIS v8 | 0.48 | 0.53 | 0.41 | 0.54 | 0.33 | 0.33 | 0.39 | 0.29 | 0.30 | 0.51 | 0.48 | 0.19 | ||
| NIS2 | 0.54 | 0.44 | 0.41 | 0.54 | 0.33 | 0.36 | 0.32 | 0.32 | 0.27 | 0.45 | 0.47 | 0.22 | ||
| OWASP API Top 10 | 0.23 | 0.30 | 0.33 | 0.33 | 0.33 | 0.36 | 0.35 | 0.26 | 0.20 | 0.25 | 0.31 | 0.11 | ||
| OWASP LLM Top 10 | 0.31 | 0.29 | 0.35 | 0.33 | 0.36 | 0.36 | 0.39 | 0.39 | 0.31 | 0.37 | 0.39 | 0.21 | ||
| OWASP Top 10 | 0.33 | 0.34 | 0.33 | 0.39 | 0.32 | 0.35 | 0.39 | 0.28 | 0.27 | 0.31 | 0.35 | 0.17 | ||
| ISO 27701 | 0.29 | 0.28 | 0.39 | 0.29 | 0.32 | 0.26 | 0.39 | 0.28 | 0.30 | 0.38 | 0.26 | 0.29 | ||
| EU AI Act | 0.26 | 0.25 | 0.40 | 0.30 | 0.27 | 0.20 | 0.31 | 0.27 | 0.30 | 0.40 | 0.31 | 0.27 | ||
| GDPR | 0.45 | 0.40 | 0.30 | 0.51 | 0.45 | 0.25 | 0.37 | 0.31 | 0.38 | 0.40 | 0.44 | 0.21 | ||
| NIST CSF | 0.46 | 0.36 | 0.33 | 0.48 | 0.47 | 0.31 | 0.39 | 0.35 | 0.26 | 0.31 | 0.44 | 0.18 | ||
| EU CRA | ||||||||||||||
| TIBER-EU | 0.19 | 0.14 | 0.29 | 0.19 | 0.22 | 0.11 | 0.21 | 0.17 | 0.29 | 0.27 | 0.21 | 0.18 |
NIST CSF ↔ DORA — 37 shared techniques
Clear ✕| Control A | Control B | Shared | Examples |
|---|---|---|---|
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 25 Advanced testing of ICT tools, systems and proc… | 11 | T1078, T1547.001, T1068, T1055 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 10 DORA-Art10__Q2.2026 | 11 | T1059, T1068, T1027, T1070 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 17 ICT-related incident management process | 11 | T1059, T1068, T1027, T1070 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 24 DORA-Art24__Q2.2026 | 11 | T1190, T1059, T1068, T1027 |
| RESPOND RESPOND (RS) — Take action regarding a detected… | Art. 7 DORA-Art7__Q2.2026 | 11 | T1190, T1068, T1070.004, T1003.001 |
| IDENTIFY IDENTIFY (ID) — Understand organisational cyber… | Art. 8 DORA-Art8__Q2.2026 | 10 | T1046, T1087, T1083, T1018 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 11 Response and recovery | 10 | T1547, T1068, T1027, T1003 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 11 Response and recovery | 9 | T1078, T1133, T1068, T1027 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 17 ICT-related incident management process | 9 | T1078, T1133, T1068, T1027 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 24 DORA-Art24__Q2.2026 | 9 | T1078, T1133, T1068, T1027 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 6 DORA-Art6__Q2.2026 | 9 | T1078, T1133, T1068, T1055 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 25 Advanced testing of ICT tools, systems and proc… | 9 | T1190, T1059, T1068, T1027 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 6 DORA-Art6__Q2.2026 | 9 | T1059, T1068, T1027, T1070 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 10 DORA-Art10__Q2.2026 | 8 | T1078, T1068, T1027, T1003 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 28 General principles for ICT third-party risk | 8 | T1078, T1133, T1068, T1003 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 7 DORA-Art7__Q2.2026 | 8 | T1547.001, T1068, T1070.004, T1027 |
| IDENTIFY IDENTIFY (ID) — Understand organisational cyber… | Art. 10 DORA-Art10__Q2.2026 | 8 | T1046, T1087, T1018, T1003 |
| IDENTIFY IDENTIFY (ID) — Understand organisational cyber… | Art. 11 Response and recovery | 8 | T1046, T1087, T1003, T1036 |
| IDENTIFY IDENTIFY (ID) — Understand organisational cyber… | Art. 24 DORA-Art24__Q2.2026 | 8 | T1046, T1087, T1003, T1190 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 13 Learning and evolving | 8 | T1059, T1027, T1070, T1003 |
| PROTECT PROTECT (PR) — Use safeguards to manage cyberse… | Art. 28 General principles for ICT third-party risk | 8 | T1068, T1003, T1087, T1046 |
| RESPOND RESPOND (RS) — Take action regarding a detected… | Art. 25 Advanced testing of ICT tools, systems and proc… | 8 | T1190, T1068, T1021.001, T1005 |
| GOVERN GOVERN (GV) — Establish and monitor the cyberse… | Art. 13 Learning and evolving | 7 | T1078, T1027, T1003, T1087 |
| IDENTIFY IDENTIFY (ID) — Understand organisational cyber… | Art. 17 ICT-related incident management process | 7 | T1046, T1087, T1003, T1053 |
| IDENTIFY IDENTIFY (ID) — Understand organisational cyber… | Art. 28 General principles for ICT third-party risk | 7 | T1046, T1087, T1003, T1195 |
Showing top 25 of 83 control pairs.
Show non-overlap — NIST CSF techniques NOT covered by DORA (21)
T1004, T1011.001, T1014, T1015, T1035, T1037.001, T1038, T1053.005, T1059.003, T1087.001, T1485, T1491, T1498, T1529, T1531, T1552.001, T1561.001, T1561.002, T1562.001, T1565.001, T1595
compliance_mappings (127 controls across 14 frameworks). Jaccard computed from the union of applicable_techniques per control. Refreshed hourly via ISR. Curated by Adam Lundqvist, Founder at SQUR.