• xThreat Vector: Tampering
IDNameThreats
AIS-02Application Security Baseline RequirementsSTRIDE-LM
AIS-04Secure Application Design and DevelopmentSTRIDE-LM
AIS-06Automated Secure Application DeploymentSTRIDE-LM
BCR-08BackupSTRIDE-LM
CCC-04Unauthorized Change ProtectionSTRIDE-LM
CEK-03Data EncryptionSTRIDE-LM
CEK-04Encryption AlgorithmSTRIDE-LM
CEK-10Key GenerationSTRIDE-LM
CEK-11Key PurposeSTRIDE-LM
CEK-12Key RotationSTRIDE-LM
CEK-13Key RevocationSTRIDE-LM
CEK-14Key DestructionSTRIDE-LM
CEK-15Key ActivationSTRIDE-LM
CEK-16Key SuspensionSTRIDE-LM
CEK-17Key DeactivationSTRIDE-LM
CEK-19Key CompromiseSTRIDE-LM
CEK-21Key Inventory ManagementSTRIDE-LM
DCS-07Controlled Access PointsSTRIDE-LM
DCS-09Secure Area AuthorizationSTRIDE-LM
DSP-07Data Protection by Design and DefaultSTRIDE-LM
DSP-10Sensitive Data TransferSTRIDE-LM
DSP-17Sensitive Data ProtectionSTRIDE-LM
IAM-06User Access ProvisioningSTRIDE-LM
IAM-07User Access Changes and RevocationSTRIDE-LM
IAM-12Safeguard Logs IntegritySTRIDE-LM
IPY-03Secure Interoperability and Portability ManagementSTRIDE-LM
IVS-03Network SecuritySTRIDE-LM
IVS-04OS Hardening and Base ControlsSTRIDE-LM
IVS-07Migration to Cloud EnvironmentsSTRIDE-LM
LOG-02Audit Logs ProtectionSTRIDE-LM
LOG-09Log ProtectionSTRIDE-LM
LOG-11Transaction/Activity LoggingSTRIDE-LM
TVM-02Malware Protection Policy and ProceduresSTRIDE-LM
TVM-03Vulnerability Remediation ScheduleSTRIDE-LM
UEM-02Application and Service ApprovalSTRIDE-LM
UEM-06Automatic Lock ScreenSTRIDE-LM
UEM-08Storage EncryptionSTRIDE-LM
UEM-09Anti-Malware Detection and PreventionSTRIDE-LM
UEM-14Third-Party Endpoint Security PostureSTRIDE-LM