NIST 800-53 r5 · Controls catalogue · Family IR
IR-10Integrated Information Security Analysis Team
Integrated Information Security Analysis Team
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (0)
- No ATT&CK techniques mapped to this control yet.
Weaknesses this control addresses (5)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-200 | Exposure of Sensitive Information to an Unauthorized Actor | 10,204 | The integrated analysis team enables faster detection and containment of incidents involving unauthorized exposure of sensitive information, limiting attacker success in exploiting such weaknesses. |
CWE-284 | Improper Access Control | 4,832 | The team provides specialized analysis of access-related incidents, enabling quicker identification and response to unauthorized access attempts. |
CWE-287 | Improper Authentication | 4,730 | Integrated incident analysis improves detection and mitigation of authentication bypasses and failures during security events. |
CWE-400 | Uncontrolled Resource Consumption | 3,324 | The team can analyze and respond to resource exhaustion incidents, reducing the impact of attacks that exploit uncontrolled consumption weaknesses. |
CWE-693 | Protection Mechanism Failure | 476 | The integrated team focuses on root-cause analysis of security incidents, directly addressing failures in protection mechanisms that allow exploitation. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| No CVEs annotated to this control yet — the per-CVE backfill is in progress. | ||||