Execution Prevention

From attackics
Jump to navigation Jump to search
Execution Prevention
Mitigation
ID M0938
NIST SP 800-53 Rev. 4 SI-3
IEC 62443-3-3:2013 SR 3.2
IEC 62443-4-2:2019 CR 3.2

Description

Block execution of code on a system through application control, and/or script blocking.


Techniques Addressed by Mitigation

NameUse
Command-Line InterfaceExecution prevention may block malicious software from accessing protected resources through the command line interface.
Execution through APIMinimize the exposure of API calls that allow the execution of code.
MasqueradingUse tools that restrict program execution via application control by attributes other than file name for common system and application utilities.
Native APIMinimize the exposure of API calls that allow the execution of code.
ScriptingExecution prevention may prevent malicious scripts from accessing protected resources.
User ExecutionApplication control may be able to prevent the running of executables masquerading as other files.