Cyber Posture

Controls

What actually mitigates, mapped and graded — 17,822 cross-framework control mappings, 552 of 902 rolled-up controls and weaknesses verified as mostly-or-fully covered.

Last updated: 04 July 2026 01:29 UTC

Control gaps by actor

For each of the most active actors, the NIST 800-53 controls that mitigate the largest share of their ATT&CK techniques — and how much of their playbook even the best single control leaves uncovered.

ActorStart-here controls Best coverageUncovered share
Kimsuky171 techniquesSI-4CM-6CM-250%50%
APT28129 techniquesCM-6SI-4CM-261%39%
Lazarus Group128 techniquesSI-4CM-2CM-660%40%
APT41115 techniquesSI-4CM-6CM-264%36%
Mustang Panda114 techniquesSI-4CM-2CM-661%39%
Magic Hound109 techniquesSI-4CM-6CM-258%42%
Sandworm Team109 techniquesSI-4CM-6CM-259%41%
APT32106 techniquesSI-4CM-6CM-267%33%

Coverage = the share of an actor's ATT&CK techniques that our cross-walks map the control as mitigating. How actor data is built.