Execution Prevention

From attackics
Revision as of 13:48, 25 September 2020 by Ahahn (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Execution Prevention
Mitigation
ID M1038
NIST SP 800-53 Rev. 4 SI-3
IEC 62443-3-3:2013 SR 3.2
IEC 62443-4-2:2019 CR 3.2

Description

Block execution of code on a system through application control, and/or script blocking.


Techniques Addressed by Mitigation

NameUse
Command-Line InterfaceExecution prevention may block malicious software from accessing protected resources through the command line interface.
Execution through APIMinimize the exposure of API calls that allow the execution of code.
MasqueradingUse tools that restrict program execution via application control by attributes other than file name for common system and application utilities.
ScriptingExecution prevention may prevent malicious scripts from accessing protected resources.
User ExecutionApplication control may be able to prevent the running of executables masquerading as other files.