# MITRE ATT&CK Mitigations

> Complete catalog of mitigations from the MITRE ATT&CK Enterprise framework, translated and contextualized for Brazilian and Latin American organizations.

## Overview

> [!abstract] Coverage
> **44 mitigations** documented, covering access controls, network segmentation, endpoint protection, account management and security policies.

MITRE ATT&CK mitigations represent security controls and recommended practices that reduce the effectiveness of attack techniques. Each mitigation is linked to the specific techniques it helps prevent or detect.

## Browse by Category

| Category | Notes | Page |
|-----------|-------|--------|
| Access Control | 9 | [[_cat-access-control\|Access Control]] |
| Network Protection | 5 | [[_cat-network\|Network Protection]] |
| Endpoint Protection | 9 | [[_cat-endpoint\|Endpoint Protection]] |
| Data Management | 6 | [[_cat-data\|Data Management]] |
| Operations | 15 | [[_cat-operations\|Operations]] |

## Mitigation Categories

```mermaid
mindmap
  root((Mitigations))
    Access Control
      Account Use Policies
      User Account Management
      Privileged Account Management
      Multi-factor Authentication
      Active Directory Configuration
    Network Protection
      Network Segmentation
      Filter Network Traffic
      Network Intrusion Prevention
      SSL/TLS Inspection
    Endpoint Protection
      Application Isolation and Sandboxing
      Antivirus/Antimalware
      Code Signing
      Execution Prevention
      Exploit Protection
    Data Management
      Encrypt Sensitive Information
      Data Loss Prevention
      Data Backup
    Operations
      Audit
      Software Configuration
      Operating System Configuration
      Update Software
      Vulnerability Scanning
```

## All Mitigations

%%
```dataview
TABLE WITHOUT ID link(file.link, title) AS "Mitigação", mitre-id AS "ID", length(techniques-mitigated) AS "Técnicas Cobertas"
FROM "defenses/mitigations"
WHERE type = "mitigation"
SORT mitre-id ASC
```
%%

<!-- QueryToSerialize: TABLE WITHOUT ID link(file.link, title) AS "Mitigação", mitre-id AS "ID", length(techniques-mitigated) AS "Técnicas Cobertas" FROM "defenses/mitigations" WHERE type = "mitigation" SORT mitre-id ASC -->
<!-- SerializedQuery: TABLE WITHOUT ID link(file.link, title) AS "Mitigação", mitre-id AS "ID", length(techniques-mitigated) AS "Técnicas Cobertas" FROM "defenses/mitigations" WHERE type = "mitigation" SORT mitre-id ASC -->

| Mitigation | ID | Techniques Covered |
| ---------- | ----- | ------------------ |
| [[m1013-application-developer-guidance\|M1013 - Application Developer Guidance]] | M1013 | 17 |
| [[m1015-active-directory-configuration\|M1015 - Active Directory Configuration]] | M1015 | 15 |
| [[m1016-vulnerability-scanning\|M1016 - Vulnerability Scanning]] | M1016 | 5 |
| [[m1017-user-training\|M1017 - User Training]] | M1017 | 59 |
| [[m1018-user-account-management\|M1018 - User Account Management]] | M1018 | 120 |
| [[m1019-threat-intelligence-program\|M1019 - Threat Intelligence Program]] | M1019 | 5 |
| [[m1020-ssltls-inspection\|M1020 - SSL/TLS Inspection]] | M1020 | 4 |
| [[m1021-restrict-web-based-content\|M1021 - Restrict Web-Based Content]] | M1021 | 31 |
| [[m1022-restrict-file-and-directory-permissions\|M1022 - Restrict File and Directory Permissions]] | M1022 | 61 |
| [[m1024-restrict-registry-permissions\|M1024 - Restrict Registry Permissions]] | M1024 | 20 |
| [[m1025-privileged-process-integrity\|M1025 - Privileged Process Integrity]] | M1025 | 7 |
| [[m1026-privileged-account-management\|M1026 - Privileged Account Management]] | M1026 | 112 |
| [[m1027-password-policies\|M1027 - Password Policies]] | M1027 | 47 |
| [[m1028-operating-system-configuration\|M1028 - Operating System Configuration]] | M1028 | 39 |
| [[m1029-remote-data-storage\|M1029 - Remote Data Storage]] | M1029 | 11 |
| [[m1030-network-segmentation\|M1030 - Network Segmentation]] | M1030 | 37 |
| [[m1031-network-intrusion-prevention\|M1031 - Network Intrusion Prevention]] | M1031 | 59 |
| [[m1032-multi-factor-authentication\|M1032 - Multi-factor Authentication]] | M1032 | 48 |
| [[m1033-limit-software-installation\|M1033 - Limit Software Installation]] | M1033 | 17 |
| [[m1034-limit-hardware-installation\|M1034 - Limit Hardware Installation]] | M1034 | 7 |
| [[m1035-limit-access-to-resource-over-network\|M1035 - Limit Access to Resource Over Network]] | M1035 | 19 |
| [[m1036-account-use-policies\|M1036 - Account Use Policies]] | M1036 | 10 |
| [[m1037-filter-network-traffic\|M1037 - Filter Network Traffic]] | M1037 | 49 |
| [[m1038-execution-prevention\|M1038 - Execution Prevention]] | M1038 | 80 |
| [[m1039-environment-variable-permissions\|M1039 - Environment Variable Permissions]] | M1039 | 2 |
| [[m1040-behavior-prevention-on-endpoint\|M1040 - Behavior Prevention on Endpoint]] | M1040 | 51 |
| [[m1041-encrypt-sensitive-information\|M1041 - Encrypt Sensitive Information]] | M1041 | 33 |
| [[m1042-disable-or-remove-feature-or-program\|M1042 - Disable or Remove Feature or Program]] | M1042 | 71 |
| [[m1043-credential-access-protection\|M1043 - Credential Access Protection]] | M1043 | 10 |
| [[m1044-restrict-library-loading\|M1044 - Restrict Library Loading]] | M1044 | 3 |
| [[m1045-code-signing\|M1045 - Code Signing]] | M1045 | 22 |
| [[m1046-boot-integrity\|M1046 - Boot Integrity]] | M1046 | 14 |
| [[m1047-audit\|M1047 - Audit]] | M1047 | 109 |
| [[m1048-application-isolation-and-sandboxing\|M1048 - Application Isolation and Sandboxing]] | M1048 | 14 |
| [[m1049-antivirusantimalware\|M1049 - Antivirus/Antimalware]] | M1049 | 18 |
| [[m1050-exploit-protection\|M1050 - Exploit Protection]] | M1050 | 12 |
| [[m1051-update-software\|M1051 - Update Software]] | M1051 | 42 |
| [[m1052-user-account-control\|M1052 - User Account Control]] | M1052 | 7 |
| [[m1053-data-backup\|M1053 - Data Backup]] | M1053 | 10 |
| [[m1054-software-configuration\|M1054 - Software Configuration]] | M1054 | 37 |
| [[m1055-do-not-mitigate\|M1055 - Do Not Mitigate]] | M1055 | 3 |
| [[m1056-pre-compromise\|M1056 - Pre-compromise]] | M1056 | 84 |
| [[m1057-data-loss-prevention\|M1057 - Data Loss Prevention]] | M1057 | 12 |
| [[m1060-out-of-band-communications-channel\|M1060 - Out-of-Band Communications Channel]] | M1060 | 7 |

<!-- SerializedQuery END -->

> [!tip] Priorities for Brazilian Organizations
> The most impactful mitigations for LATAM/Brazil organizations are typically:
> - **[[m1032-multi-factor-authentication|MFA]]**: still little adopted among Brazilian SMEs
> - **[[m1030-network-segmentation|Network segmentation]]**: critical for reducing lateral movement
> - **[[m1051-update-software|Software updates]]**: patch cycles are frequently delayed
> - **[[m1053-data-backup|Data backup]]**: essential against ransomware, frequently without restore testing
> - **[[m1017-user-training|User training]]**: phishing remains the #1 vector in the region

## References

- [MITRE ATT&CK — Mitigations](https://attack.mitre.org/mitigations/enterprise/)
- [NIST SP 800-53 — Security and Privacy Controls](https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final)
- [CIS Controls v8](https://www.cisecurity.org/controls/v8)