NIST 800-53 r5 · Controls catalogue · Family AC
AC-23Data Mining Protection
Employ {{ insert: param, ac-23_odp.01 }} for {{ insert: param, ac-23_odp.02 }} to detect and protect against unauthorized data mining.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (15)
- T1005 Data from Local System Collection
- T1025 Data from Removable Media Collection
- T1041 Exfiltration Over C2 Channel Exfiltration
- T1048 Exfiltration Over Alternative Protocol Exfiltration
- T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol Exfiltration
- T1048.003 Exfiltration Over Unencrypted Non-C2 Protocol Exfiltration
- T1052 Exfiltration Over Physical Medium Exfiltration
- T1052.001 Exfiltration over USB Exfiltration
- T1213 Data from Information Repositories Collection
- T1213.001 Confluence Collection
- T1213.002 Sharepoint Collection
- T1213.004 Customer Relationship Management Software Collection
- T1213.005 Messaging Applications Collection
- T1552.007 Container API Credential Access
- T1567 Exfiltration Over Web Service Exfiltration
Weaknesses this control addresses (6)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | 10,204 | Data mining protection mechanisms detect and block unauthorized bulk extraction of sensitive data, directly mitigating exposure to unauthorized actors. |
CWE-284 | Improper Access Control | 4,832 | Provides monitoring and protection against data mining patterns that exploit improper access controls to extract data. |
CWE-285 | Improper Authorization | 1,230 | Detects and blocks data mining attempts that violate intended authorization boundaries for data access. |
CWE-668 | Exposure of Resource to Wrong Sphere | 779 | Protects against data mining that would expose resources to unauthorized spheres by enforcing detection and controls. |
CWE-497 | Exposure of Sensitive System Information to an Unauthorized Control Sphere | 314 | Employs detection to prevent unauthorized mining of sensitive system information from being exfiltrated to external control spheres. |
CWE-359 | Exposure of Private Personal Information to an Unauthorized Actor | 174 | The control detects and protects against mining of private personal information, reducing unauthorized exposure of PII. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| No CVEs annotated to this control yet — the per-CVE backfill is in progress. | ||||