M1030ATT&CK 14.1

M1030Network Segmentation

Description

Architect sections of the network to isolate critical systems, functions, or resources. Use physical and logical segmentation to prevent access to potentially sensitive systems and information. Use a DMZ to contain any internet-facing services that should not be exposed from the internal network. Configure separate virtual private cloud (VPC) instances to isolate critical cloud systems.

References

  1. https://attack.mitre.org/mitigations/M1030

Compliance frameworks requiring this (incoming)21

TypeTargetConfidenceTier
ComplianceControlcis_v8-3100%live
ComplianceControlnis2-art21f100%live
ComplianceControlowasp_llm_top10-llm05100%live
ComplianceControlcis_v8-5100%live
ComplianceControlnis2-art21c100%live
ComplianceControliso27001-a.8.25100%live
ComplianceControldora-art6100%live
ComplianceControlnis2-art21a100%live
ComplianceControlowasp_top10-a05100%live
ComplianceControliso27001-a.5.23100%live
ComplianceControliso27001-a.8.2100%live
ComplianceControldora-art24100%live
ComplianceControlai_act-art9100%live
ComplianceControlnis2-art21i100%live
ComplianceControldora-art28100%live
ComplianceControliso27001-a.8.29100%live
ComplianceControlnis2-art21e100%live
ComplianceControliso27001-a.8.8100%live
ComplianceControlnis2-art21d100%live
ComplianceControlowasp_top10-a08100%live
ComplianceControlowasp_llm_top10-llm03100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Mitigation
Filter Network Traffic
Mitigation
Network Intrusion Prevention
Mitigation
Data Backup
Mitigation
Limit Access to Resource Over Network
Mitigation
Data Loss Prevention
Mitigation
Active Directory Configuration
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, Founder at SQUR.