14 frameworks127 controls
CROSSWALKFramework crosswalk
14 compliance frameworks mapped to ATT&CK. Click a cell to see overlapping controls and shared techniques. Authored by Adam Lundqvist.
Cells coloured by Jaccard similarity of technique sets.
01
| DORA | ISO 27001 | PCI DSS v4 | CIS v8 | NIS2 | OWASP API Top 10 | OWASP LLM Top 10 | OWASP Top 10 | ISO 27701 | EU AI Act | GDPR | NIST CSF | EU CRA | TIBER-EU | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DORA | 0.40 | 0.36 | 0.48 | 0.54 | 0.23 | 0.31 | 0.33 | 0.29 | 0.26 | 0.45 | 0.46 | 0.19 | ||
| ISO 27001 | 0.40 | 0.33 | 0.53 | 0.44 | 0.30 | 0.29 | 0.34 | 0.28 | 0.25 | 0.40 | 0.36 | 0.14 | ||
| PCI DSS v4 | 0.36 | 0.33 | 0.41 | 0.41 | 0.33 | 0.35 | 0.33 | 0.39 | 0.40 | 0.30 | 0.33 | 0.29 | ||
| CIS v8 | 0.48 | 0.53 | 0.41 | 0.54 | 0.33 | 0.33 | 0.39 | 0.29 | 0.30 | 0.51 | 0.48 | 0.19 | ||
| NIS2 | 0.54 | 0.44 | 0.41 | 0.54 | 0.33 | 0.36 | 0.32 | 0.32 | 0.27 | 0.45 | 0.47 | 0.22 | ||
| OWASP API Top 10 | 0.23 | 0.30 | 0.33 | 0.33 | 0.33 | 0.36 | 0.35 | 0.26 | 0.20 | 0.25 | 0.31 | 0.11 | ||
| OWASP LLM Top 10 | 0.31 | 0.29 | 0.35 | 0.33 | 0.36 | 0.36 | 0.39 | 0.39 | 0.31 | 0.37 | 0.39 | 0.21 | ||
| OWASP Top 10 | 0.33 | 0.34 | 0.33 | 0.39 | 0.32 | 0.35 | 0.39 | 0.28 | 0.27 | 0.31 | 0.35 | 0.17 | ||
| ISO 27701 | 0.29 | 0.28 | 0.39 | 0.29 | 0.32 | 0.26 | 0.39 | 0.28 | 0.30 | 0.38 | 0.26 | 0.29 | ||
| EU AI Act | 0.26 | 0.25 | 0.40 | 0.30 | 0.27 | 0.20 | 0.31 | 0.27 | 0.30 | 0.40 | 0.31 | 0.27 | ||
| GDPR | 0.45 | 0.40 | 0.30 | 0.51 | 0.45 | 0.25 | 0.37 | 0.31 | 0.38 | 0.40 | 0.44 | 0.21 | ||
| NIST CSF | 0.46 | 0.36 | 0.33 | 0.48 | 0.47 | 0.31 | 0.39 | 0.35 | 0.26 | 0.31 | 0.44 | 0.18 | ||
| EU CRA | ||||||||||||||
| TIBER-EU | 0.19 | 0.14 | 0.29 | 0.19 | 0.22 | 0.11 | 0.21 | 0.17 | 0.29 | 0.27 | 0.21 | 0.18 |
OWASP LLM Top 10 ↔ NIS2 — 29 shared techniques
Clear ✕| Control A | Control B | Shared | Examples |
|---|---|---|---|
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(a) Policies on risk analysis and information syste… | 9 | T1078, T1547, T1068, T1036 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(d) Supply chain security | 9 | T1195, T1547, T1068, T1003 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(a) Policies on risk analysis and information syste… | 8 | T1068, T1027, T1003, T1056 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(d) Supply chain security | 8 | T1068, T1027, T1003, T1021 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(b) Incident handling | 7 | T1078, T1036, T1003, T1005 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(e) Security in network and information systems acq… | 7 | T1190, T1059, T1068, T1003 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(e) Security in network and information systems acq… | 6 | T1078, T1068, T1003, T1021 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(h) Policies and procedures regarding the use of cr… | 6 | T1078, T1003, T1083, T1005 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(i) Human resources security, access control polici… | 6 | T1036, T1003, T1005, T1039 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(b) Incident handling | 6 | T1059, T1027, T1003, T1021 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(h) Policies and procedures regarding the use of cr… | 6 | T1027, T1003, T1056, T1083 |
| LLM02:2025 Sensitive Information Disclosure | Art. 21(2)(d) Supply chain security | 5 | T1005, T1041, T1087, T1018 |
| LLM03:2025 Supply Chain | Art. 21(2)(f) Policies and procedures to assess the effective… | 5 | T1068, T1547.001, T1005, T1041 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(c) Business continuity and crisis management | 5 | T1078, T1005, T1039, T1041 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(f) Policies and procedures to assess the effective… | 5 | T1078, T1068, T1003, T1005 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(g) Basic cyber hygiene practices and cybersecurity… | 5 | T1078, T1003, T1005, T1021 |
| LLM04:2025 Data and Model Poisoning | Art. 21(2)(j) The use of multi-factor authentication or conti… | 5 | T1078, T1003, T1021, T1071 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(f) Policies and procedures to assess the effective… | 5 | T1190, T1068, T1027, T1003 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(g) Basic cyber hygiene practices and cybersecurity… | 5 | T1059, T1027, T1003, T1021 |
| LLM05:2025 Improper Output Handling | Art. 21(2)(j) The use of multi-factor authentication or conti… | 5 | T1003, T1056, T1021, T1071 |
| LLM06:2025 Excessive Agency | Art. 21(2)(f) Policies and procedures to assess the effective… | 5 | T1068, T1070.004, T1005, T1071.001 |
| LLM07:2025 System Prompt Leakage | Art. 21(2)(c) Business continuity and crisis management | 5 | T1027, T1005, T1039, T1041 |
| LLM07:2025 System Prompt Leakage | Art. 21(2)(d) Supply chain security | 5 | T1003, T1027, T1005, T1041 |
| LLM07:2025 System Prompt Leakage | Art. 21(2)(f) Policies and procedures to assess the effective… | 5 | T1190, T1003, T1027, T1005 |
| LLM07:2025 System Prompt Leakage | Art. 21(2)(h) Policies and procedures regarding the use of cr… | 5 | T1083, T1003, T1027, T1005 |
Showing top 25 of 60 control pairs.
Show non-overlap — OWASP LLM Top 10 techniques NOT covered by NIS2 (24)
T1059.001, T1059.003, T1059.004, T1074, T1082, T1119, T1195.001, T1195.002, T1203, T1497.001, T1499, T1530, T1531, T1560, T1562, T1562.001, T1565.001, T1566.001, T1567, T1567.002, T1592.002, T1592.004, T1595, T1598
compliance_mappings (127 controls across 14 frameworks). Jaccard computed from the union of applicable_techniques per control. Refreshed hourly via ISR. Curated by Adam Lundqvist, Founder at SQUR.