← Controls / SI

SI-10 Information Accuracy, Completeness, Validity, And Authenticity

System and Information Integrity

Low Moderate High

Description

The information system checks information for accuracy, completeness, validity, and authenticity.

Supplemental Guidance

Checks for accuracy, completeness, validity, and authenticity of information are accomplished as close to the point of origin as possible. Rules for checking the valid syntax of information system inputs (e.g., character set, length, numerical range, acceptable values) are in place to verify that inputs match specified definitions for format and content. Inputs passed to interpreters are prescreened to prevent the content from being unintentionally interpreted as commands. The extent to which the information system is able to check the accuracy, completeness, validity, and authenticity of information is guided by organizational policy and operational requirements.

Enhancements

(0) None.

MITRE ATT&CK Techniques (101)

Techniques mitigated by this control, mapped via CTID.

Initial Access 1 Execution 13 Persistence 18 Privilege Escalation 17 Defense Evasion 45 Credential Access 7 Discovery 1 Lateral Movement 4 Collection 8 Command & Control 6 Exfiltration 5 Impact 8

Show all 101 techniques grouped by tactic

Initial Access

T1190 Exploit Public-Facing Application

Execution

T1059 Command and Scripting Interpreter T1129 Shared Modules T1204 User Execution T1609 Container Administration Command T1059.001 PowerShell T1059.002 AppleScript T1059.003 Windows Command Shell T1059.004 Unix Shell T1059.005 Visual Basic T1059.006 Python T1059.007 JavaScript T1059.008 Network Device CLI T1204.002 Malicious File

Persistence

T1176 Browser Extensions T1197 BITS Jobs T1574 Hijack Execution Flow T1546.002 Screensaver T1546.006 LC_LOAD_DYLIB Addition T1546.008 Accessibility Features T1546.009 AppCert DLLs T1546.010 AppInit DLLs T1547.004 Winlogon Helper DLL T1547.006 Kernel Modules and Extensions T1574.001 DLL Search Order Hijacking T1574.006 Dynamic Linker Hijacking T1574.007 Path Interception by PATH Environment Variable T1574.008 Path Interception by Search Order Hijacking T1574.009 Path Interception by Unquoted Path T1574.012 COR_PROFILER T1574.013 KernelCallbackTable T1574.014 AppDomainManager

Privilege Escalation

T1574 Hijack Execution Flow T1546.002 Screensaver T1546.006 LC_LOAD_DYLIB Addition T1546.008 Accessibility Features T1546.009 AppCert DLLs T1546.010 AppInit DLLs T1547.004 Winlogon Helper DLL T1547.006 Kernel Modules and Extensions T1548.006 TCC Manipulation T1574.001 DLL Search Order Hijacking T1574.006 Dynamic Linker Hijacking T1574.007 Path Interception by PATH Environment Variable T1574.008 Path Interception by Search Order Hijacking T1574.009 Path Interception by Unquoted Path T1574.012 COR_PROFILER T1574.013 KernelCallbackTable T1574.014 AppDomainManager

Defense Evasion

T1036 Masquerading T1127 Trusted Developer Utilities Proxy Execution T1197 BITS Jobs T1216 System Script Proxy Execution T1218 System Binary Proxy Execution T1220 XSL Script Processing T1221 Template Injection T1553 Subvert Trust Controls T1574 Hijack Execution Flow T1599 Network Boundary Bridging T1622 Debugger Evasion T1027.010 Command Obfuscation T1036.005 Match Legitimate Name or Location T1036.008 Masquerade File Type T1127.002 ClickOnce T1216.001 PubPrn T1218.001 Compiled HTML File T1218.002 Control Panel T1218.003 CMSTP T1218.004 InstallUtil T1218.005 Mshta T1218.008 Odbcconf T1218.009 Regsvcs/Regasm T1218.010 Regsvr32 T1218.011 Rundll32 T1218.012 Verclsid T1218.013 Mavinject T1218.014 MMC T1218.015 Electron Applications T1548.006 TCC Manipulation T1553.001 Gatekeeper Bypass T1553.003 SIP and Trust Provider Hijacking T1553.005 Mark-of-the-Web Bypass T1564.003 Hidden Window T1564.006 Run Virtual Instance T1564.009 Resource Forking T1574.001 DLL Search Order Hijacking T1574.006 Dynamic Linker Hijacking T1574.007 Path Interception by PATH Environment Variable T1574.008 Path Interception by Search Order Hijacking T1574.009 Path Interception by Unquoted Path T1574.012 COR_PROFILER T1574.013 KernelCallbackTable T1574.014 AppDomainManager T1599.001 Network Address Translation Traversal

Credential Access

T1187 Forced Authentication T1552 Unsecured Credentials T1557 Adversary-in-the-Middle T1552.005 Cloud Instance Metadata API T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay T1557.002 ARP Cache Poisoning T1557.003 DHCP Spoofing

Discovery

T1622 Debugger Evasion

Lateral Movement

T1080 Taint Shared Content T1570 Lateral Tool Transfer T1021.002 SMB/Windows Admin Shares T1021.005 VNC

Collection

T1530 Data from Cloud Storage T1557 Adversary-in-the-Middle T1602 Data from Configuration Repository T1557.001 LLMNR/NBT-NS Poisoning and SMB Relay T1557.002 ARP Cache Poisoning T1557.003 DHCP Spoofing T1602.001 SNMP (MIB Dump) T1602.002 Network Device Configuration Dump

Command & Control

T1090 Proxy T1095 Non-Application Layer Protocol T1219 Remote Access Software T1572 Protocol Tunneling T1071.004 DNS T1090.003 Multi-hop Proxy

Exfiltration

T1048 Exfiltration Over Alternative Protocol T1537 Transfer Data to Cloud Account T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol

Impact

T1498 Network Denial of Service T1499 Endpoint Denial of Service T1498.001 Direct Network Flood T1498.002 Reflection Amplification T1499.001 OS Exhaustion Flood T1499.002 Service Exhaustion Flood T1499.003 Application Exhaustion Flood T1499.004 Application or System Exploitation

Compliance Mappings

COBIT 2019

DSS06

SOC 2 TSC

CC6.6CC6.6-POF2

ISO 42001:2023

A.7.2A.7.4

IEC 62443

3-3 SR 3.5

BSI IT-Grundschutz

APP.3.1

ANSSI

Hygiene.33SecNumCloud.15.3

FINMA Circular 2023/1

IV.D(78)IV.D(80)IV.E(84)

OSFI B-13

B-13.3.2

EU GDPR

Art.5(1)(d)

EU DORA

Art.9(4)(e)

RBI CSF

Annex1.6

FISC Security Guidelines

FISC.T12FISC.T5FISC.T6FISC.T8

LGPD + BCB 4893

BCB.PIX

HKMA TM-E-1

TME1.10.1TME1.3.2

EU CRA

CRA.I.2f

SAMA CSF

3.2

NCA ECC

2-14

UAE IA

T7

CBB TM

TM-7

CBUAE

CR-6

CBE CSF

CTO-4CTO-5

SA JS2

JS2-SA

CBN CSF

Part5.2

BoG CISD

CISD-IXCISD-SDLC

POPIA

s16

BoM CTRM

3.13

IOSCO Cyber Resilience

PROT-3RR-3

BCBS 239

Principle 3Principle 7

FFIEC IS

II.C.17

HIPAA Security Rule

§164.312(c)(1)

SEBI CSCRF

PR.AS

BOT Cyber Resilience

Ch2.5

CMMC 2.0

SI

ISAE 3402

Clause 4

Solvency II

Pillar3-Reporting

Lloyd's Minimum Standards

BP2.2MS1.1MS13.2MS2.1MS5.1MS6.1

PRA SS1/23

P3.2P4.3

FCA SYSC 13

SYSC 13.7.1

HITRUST CSF v11

10.b

FDA 21 CFR Part 11

§11.10(f)

FDA Cybersecurity Guidance

ST-3

OWASP MASVS v2.1

MASVS-PLATFORM-1MASVS-CODE-4

MiCA

Art.68(1)Art.69(1)Art.76(1)

Basel SCO60

SCO60.66

ISO 17799 (legacy)

10.7.312.2.112.2.2

COBIT 4.1 (legacy)

PO2.4AI2.3AI2.4DS11.1DS11.6AC3AC4AC6