Isolatetechnique

D3-ABPIApplication-based Process Isolation

Application-based Process Isolation

Definition

Application code which prevents its own subroutines from accessing intra-process / internal memory space.

Defends against15

TypeTargetConfidenceTier
SubTechniqueDisable or Modify Toolst1562.001100%live
SubTechniqueScheduled Taskt1053.005100%live
TechniqueScheduled Task/Jobt1053100%live
TechniqueMulti-Factor Authentication Request Generationt1621100%live
SubTechniqueSecurity Account Managert1003.002100%live
TechniqueModify Authentication Processt1556100%live
SubTechniqueWeb Shellt1505.003100%live
TechniqueUse Alternate Authentication Materialt1550100%live
SubTechniqueSQL Stored Procedurest1505.001100%live
SubTechniqueTransport Agentt1505.002100%live
SubTechniqueNetsh Helper DLLt1546.007100%live
TechniqueExploitation for Credential Accesst1212100%live
SubTechniqueLSA Secretst1003.004100%live
TechniqueSystem Owner/User Discoveryt1033100%live
SubTechniqueLSASS Memoryt1003.001100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Hardware-based Process Isolation
Defence
Kernel-based Process Isolation
Defence
Process Segment Execution Prevention
Defence
Control Flow Integrity
Defence
System Call Filtering
Defence
Network Isolation
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.