Cyber Resilience

NIST 800-53 r5 · Controls catalogue · Family AU

AU-9Protection of Audit Information

Protect audit information and audit logging tools from unauthorized access, modification, and deletion; and Alert {{ insert: param, au-09_odp }} upon detection of unauthorized access, modification, or deletion of audit information.

Last updated: 04 July 2026 00:28 UTC

Cumulative inbound coverage

How completely the frameworks we cross-walk collectively cover this — the verdict is the strongest single mapping (overlapping partials are not summed); breadth shows the corroboration behind it.

Collective: full · 5 mapping(s) from 2 framework(s): CSF 2.0 3 (partial) · ASVS 5.0 2 (full)

See the full cumulative-coverage rollup →

Implementations targeting this control (5)

ATT&CK techniques this control mitigates (0)

Weaknesses this control addresses (3)AI

CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.

CWE Name CVEs Why this control addresses it
CWE-200Exposure of Sensitive Information to an Unauthorized Actor10,501Protecting audit information prevents exposure of sensitive data contained within logs to unauthorized actors.
CWE-284Improper Access Control5,367The control directly enforces access controls to prevent unauthorized access, modification, or deletion of audit information and tools.
CWE-732Incorrect Permission Assignment for Critical Resource1,874Audit logs and logging tools are critical resources whose protection requires correct permission assignments to block unauthorized actions.

Top CVEs where this control is the strongest mitigation

CVE Risk CVSS EPSS Match
CVE-2024-204408.07.50.5147good
CVE-2025-276827.09.80.0065good
CVE-2024-135137.09.80.0072good
CVE-2026-47885.58.40.0012good
CVE-2025-229605.58.00.0039good
CVE-2026-282615.57.80.0011good
CVE-2026-03835.57.80.0020good
CVE-2023-226495.58.40.0188good
CVE-2024-579573.56.60.0030good
CVE-2026-279003.55.00.0047good
CVE-2025-133157.09.80.3194good
CVE-2024-488527.09.40.0237good
CVE-2025-304247.09.80.0094good
CVE-2025-110087.09.80.0044good
CVE-2024-529757.09.00.0027good
CVE-2026-09057.09.80.0022good
CVE-2023-50036.07.50.2586good
CVE-2024-21645 UPD6.05.30.2451good
CVE-2026-220385.58.10.0043good
CVE-2026-237755.57.60.0033good
CVE-2024-84745.57.50.0053partial
CVE-2025-672235.57.50.0063good
CVE-2026-4276 UPD5.57.50.0028good
CVE-2025-10755.57.50.0029good
CVE-2025-264955.57.50.0031good

Other controls in family AU

AU-1 AU-10 AU-11 AU-12 AU-13 AU-14 AU-15 AU-16 AU-2 AU-3 AU-4 AU-5 AU-6 AU-7 AU-8