NIST 800-53 r5 · Controls catalogue · Family SC
SC-36Distributed Processing and Storage
Distribute the following processing and storage components across multiple {{ insert: param, sc-36_prm_1 }}: {{ insert: param, sc-36_prm_2 }}.
Last updated: 09 May 2026 03:25 UTC
Implementations targeting this control (0)
- No implementations targeting this control yet.
ATT&CK techniques this control mitigates (7)
Weaknesses this control addresses (5)AI
CWEs ranked by how often they appear in real CVEs. The rationale describes how this control reduces exploitability of each weakness class.
| CWE | Name | CVEs | Why this control addresses it |
|---|---|---|---|
CWE-284 | Improper Access Control | 4,832 | Distribution forces an attacker to compromise multiple independent components rather than a single centralized target, directly reducing the impact of access control failures. |
CWE-400 | Uncontrolled Resource Consumption | 3,324 | Spreading processing and storage across locations prevents a single resource pool from being exhausted by one attack, mitigating uncontrolled consumption. |
CWE-770 | Allocation of Resources Without Limits or Throttling | 1,979 | Decentralized allocation inherently caps the resources available to any one component or attacker, countering unbounded allocation weaknesses. |
CWE-668 | Exposure of Resource to Wrong Sphere | 779 | Placing components in separate spheres limits the blast radius of any exposure, reducing the chance that a resource is reachable from an unintended domain. |
CWE-653 | Improper Isolation or Compartmentalization | 52 | Explicitly distributes components to achieve compartmentalization, making it harder to exploit weak isolation boundaries between processing or storage elements. |
Top CVEs where this control is the strongest mitigation
| CVE | Risk | CVSS | EPSS | Match |
|---|---|---|---|---|
| No CVEs annotated to this control yet — the per-CVE backfill is in progress. | ||||