Controls
What actually mitigates, mapped and graded — 17,822 cross-framework control mappings, 552 of 902 rolled-up controls and weaknesses verified as mostly-or-fully covered.
Last updated: 04 July 2026 01:29 UTC
Act
Control gaps by actorthe busiest actors' techniques vs the controls that mitigate them — and what even the best control missesControls coverageNIST 800-53 controls mapped to the techniques and CVEs they mitigateHardening rulesDISA STIG host-hardening rules, cross-walked to 800-53Explore
Framework cross-walks17,822 graded mappings between security frameworksCross-walk explorerbrowse every mapping; filter by framework, verb, and grade800-53 cumulative coveragehow much of NIST 800-53 the mapped frameworks reachCWE cumulative coveragewhich weakness classes the control frameworks preventNIST CSF 2.0functions, categories, and their 800-53 mappingsOWASP ASVS 5.0application security verification requirementsOWASP Top 10 Web 2025category pages with per-CVE taggingCWE weakness catalogue748 weakness classes with blind spots flaggedControl gaps by actor
For each of the most active actors, the NIST 800-53 controls that mitigate the largest share of their ATT&CK techniques — and how much of their playbook even the best single control leaves uncovered.
| Actor | Start-here controls | Best coverage | Uncovered share |
|---|---|---|---|
| Kimsuky171 techniques | SI-4CM-6CM-2 | 50% | 50% |
| APT28129 techniques | CM-6SI-4CM-2 | 61% | 39% |
| Lazarus Group128 techniques | SI-4CM-2CM-6 | 60% | 40% |
| APT41115 techniques | SI-4CM-6CM-2 | 64% | 36% |
| Mustang Panda114 techniques | SI-4CM-2CM-6 | 61% | 39% |
| Magic Hound109 techniques | SI-4CM-6CM-2 | 58% | 42% |
| Sandworm Team109 techniques | SI-4CM-6CM-2 | 59% | 41% |
| APT32106 techniques | SI-4CM-6CM-2 | 67% | 33% |
Coverage = the share of an actor's ATT&CK techniques that our cross-walks map the control as mitigating. How actor data is built.