Framework crosswalk
14 frameworks, 127 controls

14 compliance frameworks mapped to ATT&CK. Click a cell to see overlapping controls and shared techniques. Authored by Adam Lundqvist.
Cells coloured by Jaccard similarity of technique sets.
| | DORA | ISO 27001 | PCI DSS v4 | CIS v8 | NIS2 | OWASP API Top 10 | OWASP LLM Top 10 | OWASP Top 10 | ISO 27701 | EU AI Act | GDPR | NIST CSF | EU CRA | TIBER-EU |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DORA | | 0.40 | 0.36 | 0.48 | 0.54 | 0.23 | 0.31 | 0.33 | 0.29 | 0.26 | 0.45 | 0.46 | | 0.19 |
| ISO 27001 | 0.40 | | 0.33 | 0.53 | 0.44 | 0.30 | 0.29 | 0.34 | 0.28 | 0.25 | 0.40 | 0.36 | | 0.14 |
| PCI DSS v4 | 0.36 | 0.33 | | 0.41 | 0.41 | 0.33 | 0.35 | 0.33 | 0.39 | 0.40 | 0.30 | 0.33 | | 0.29 |
| CIS v8 | 0.48 | 0.53 | 0.41 | | 0.54 | 0.33 | 0.33 | 0.39 | 0.29 | 0.30 | 0.51 | 0.48 | | 0.19 |
| NIS2 | 0.54 | 0.44 | 0.41 | 0.54 | | 0.33 | 0.36 | 0.32 | 0.32 | 0.27 | 0.45 | 0.47 | | 0.22 |
| OWASP API Top 10 | 0.23 | 0.30 | 0.33 | 0.33 | 0.33 | | 0.36 | 0.35 | 0.26 | 0.20 | 0.25 | 0.31 | | 0.11 |
| OWASP LLM Top 10 | 0.31 | 0.29 | 0.35 | 0.33 | 0.36 | 0.36 | | 0.39 | 0.39 | 0.31 | 0.37 | 0.39 | | 0.21 |
| OWASP Top 10 | 0.33 | 0.34 | 0.33 | 0.39 | 0.32 | 0.35 | 0.39 | | 0.28 | 0.27 | 0.31 | 0.35 | | 0.17 |
| ISO 27701 | 0.29 | 0.28 | 0.39 | 0.29 | 0.32 | 0.26 | 0.39 | 0.28 | | 0.30 | 0.38 | 0.26 | | 0.29 |
| EU AI Act | 0.26 | 0.25 | 0.40 | 0.30 | 0.27 | 0.20 | 0.31 | 0.27 | 0.30 | | 0.40 | 0.31 | | 0.27 |
| GDPR | 0.45 | 0.40 | 0.30 | 0.51 | 0.45 | 0.25 | 0.37 | 0.31 | 0.38 | 0.40 | | 0.44 | | 0.21 |
| NIST CSF | 0.46 | 0.36 | 0.33 | 0.48 | 0.47 | 0.31 | 0.39 | 0.35 | 0.26 | 0.31 | 0.44 | | | 0.18 |
| EU CRA | | | | | | | | | | | | | | |
| TIBER-EU | 0.19 | 0.14 | 0.29 | 0.19 | 0.22 | 0.11 | 0.21 | 0.17 | 0.29 | 0.27 | 0.21 | 0.18 | | |
NIST CSF ↔ ISO 27001 — 35 shared techniques

| Control A | Control B | Shared | Examples |
|---|---|---|---|
| PROTECT (PR) — Use safeguards to manage cyberse… | A.5.7 Threat intelligence | 12 | T1190, T1566, T1059, T1547 |
| PROTECT (PR) — Use safeguards to manage cyberse… | A.8.16 Monitoring activities | 11 | T1059, T1547, T1068, T1070 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.21 Security of network services | 10 | T1078, T1133, T1068, T1070.004 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.25 Secure development life cycle | 10 | T1133, T1547.001, T1068, T1055 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.9 Configuration management | 9 | T1133, T1547.001, T1068, T1003 |
| PROTECT (PR) — Use safeguards to manage cyberse… | A.8.8 Management of technical vulnerabilities | 9 | T1190, T1059, T1068, T1027 |
| RESPOND (RS) — Take action regarding a detected… | A.8.9 Configuration management | 9 | T1190, T1068, T1087.001, T1021.001 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.16 Monitoring activities | 8 | T1078, T1133, T1068, T1003 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.26 Application security requirements | 8 | T1078, T1133, T1068, T1055 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.28 Secure coding | 8 | T1133, T1547.001, T1068, T1070.004 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.8 Management of technical vulnerabilities | 8 | T1078, T1068, T1055, T1027 |
| PROTECT (PR) — Use safeguards to manage cyberse… | A.8.2 Privileged access rights | 8 | T1059, T1068, T1070, T1003 |
| RESPOND (RS) — Take action regarding a detected… | A.8.28 Secure coding | 8 | T1190, T1068, T1070.004, T1003.001 |
| IDENTIFY (ID) — Understand organisational cyber… | A.5.7 Threat intelligence | 7 | T1087, T1003, T1190, T1036 |
| IDENTIFY (ID) — Understand organisational cyber… | A.8.16 Monitoring activities | 7 | T1046, T1087, T1003, T1036 |
| IDENTIFY (ID) — Understand organisational cyber… | A.8.2 Privileged access rights | 7 | T1087, T1018, T1003, T1053 |
| PROTECT (PR) — Use safeguards to manage cyberse… | A.8.26 Application security requirements | 7 | T1190, T1059, T1068, T1003 |
| RESPOND (RS) — Take action regarding a detected… | A.8.23 Web filtering | 7 | T1068, T1003.001, T1021.001, T1005 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.5.7 Threat intelligence | 6 | T1068, T1027, T1003, T1087 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.23 Web filtering | 6 | T1547.001, T1068, T1027, T1021.001 |
| GOVERN (GV) — Establish and monitor the cyberse… | A.8.2 Privileged access rights | 6 | T1078, T1068, T1003, T1087 |
| IDENTIFY (ID) — Understand organisational cyber… | A.8.26 Application security requirements | 6 | T1083, T1003, T1190, T1021 |
| PROTECT (PR) — Use safeguards to manage cyberse… | A.8.28 Secure coding | 6 | T1190, T1059, T1068, T1027 |
| PROTECT (PR) — Use safeguards to manage cyberse… | A.8.9 Configuration management | 6 | T1190, T1068, T1003, T1046 |
| RESPOND (RS) — Take action regarding a detected… | A.8.21 Security of network services | 6 | T1190, T1068, T1070.004, T1021.001 |
Showing top 25 of 83 control pairs.
NIST CSF techniques NOT covered by ISO 27001 (23):
T1004, T1009, T1011.001, T1014, T1015, T1035, T1036.003, T1037.001, T1038, T1048.003, T1053.005, T1056, T1059.003, T1195, T1491, T1498, T1529, T1531, T1561.001, T1561.002, T1565.001, T1566.001, T1595
compliance_mappings (127 controls across 14 frameworks). Jaccard computed from the union of applicable_techniques per control. Refreshed hourly via ISR. Curated by Adam Lundqvist, Founder at SQUR.
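The arithmetic behind the matrix and the drill-down table, as an added example that is not the site's own code: framework-level Jaccard over the union of each control's applicable_techniques, control-pair shared counts with a few example IDs, and the non-overlap list. The control-to-technique mapping below is constructed sample data, not the real compliance_mappings content.

```python
"""Crosswalk arithmetic: framework Jaccard, control-pair overlap, non-overlap.
Added illustration; the control-to-technique mapping is constructed."""

# Constructed sample: each control -> set of applicable ATT&CK technique IDs.
NIST_CSF = {
    "PROTECT (PR)": {"T1190", "T1566", "T1059", "T1547", "T1068", "T1070"},
    "GOVERN (GV)":  {"T1078", "T1133", "T1068", "T1070.004", "T1003"},
    "RESPOND (RS)": {"T1190", "T1068", "T1087.001", "T1021.001", "T1005"},
}
ISO_27001 = {
    "A.5.7 Threat intelligence":      {"T1190", "T1566", "T1059", "T1547", "T1087"},
    "A.8.16 Monitoring activities":   {"T1059", "T1547", "T1068", "T1070", "T1003"},
    "A.8.9 Configuration management": {"T1133", "T1068", "T1003", "T1190"},
}


def framework_techniques(framework):
    """Union of applicable_techniques across every control in the framework."""
    return set().union(*framework.values())


def jaccard(a, b):
    """|A ∩ B| / |A ∪ B|, defined as 0.0 when both sets are empty."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0


def framework_jaccard(fw_a, fw_b):
    """The cell value in the matrix: Jaccard of the two frameworks' unions."""
    return jaccard(framework_techniques(fw_a), framework_techniques(fw_b))


def shared_techniques(fw_a, fw_b):
    """The 'N shared techniques' headline: intersection of the two unions."""
    return sorted(framework_techniques(fw_a) & framework_techniques(fw_b))


def control_pairs(fw_a, fw_b, examples=4):
    """Drill-down rows: (control A, control B, shared count, example IDs),
    sorted by shared count descending, then by control names for stable ties."""
    rows = []
    for ca, ta in fw_a.items():
        for cb, tb in fw_b.items():
            shared = ta & tb
            if shared:
                rows.append((ca, cb, len(shared), sorted(shared)[:examples]))
    return sorted(rows, key=lambda r: (-r[2], r[0], r[1]))


def non_overlap(fw_a, fw_b):
    """Techniques mapped to some control in fw_a but to no control in fw_b."""
    return sorted(framework_techniques(fw_a) - framework_techniques(fw_b))
```

Sub-technique IDs such as T1070.004 are treated as distinct from their parent T1070, so a framework mapped at sub-technique granularity will look less similar to one mapped at parent level; collapse IDs to the parent before comparing if that granularity mismatch is not what you want to measure.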