Modeltechnique

D3-AVEAsset Vulnerability Enumeration

Asset Vulnerability Enumeration

Definition

Asset vulnerability enumeration enriches inventory items with knowledge identifying their vulnerabilities.

Defends against26

TypeTargetConfidenceTier
SubTechniqueComponent Firmwaret1542.002100%live
TechniqueSteal or Forge Authentication Certificatest1649100%live
TechniqueRootkitt1014100%live
SubTechniqueROMMONkitt1542.004100%live
TechniqueBrowser Extensionst1176100%live
TechniqueImplant Internal Imaget1525100%live
TechniqueExploitation for Credential Accesst1212100%live
SubTechniqueRun Virtual Instancet1564.006100%live
SubTechniqueLSASS Drivert1547.008100%live
SubTechniqueExecutable Installer File Permissions Weaknesst1574.005100%live
SubTechniqueIIS Componentst1505.004100%live
TechniqueSoftware Deployment Toolst1072100%live
SubTechniqueSystem Firmwaret1542.001100%live
TechniqueInhibit System Recoveryt1490100%live
SubTechniqueApplication Shimmingt1546.011100%live
SubTechniqueTime Based Evasiont1497.003100%live
SubTechniqueWeb Portal Capturet1056.003100%live
SubTechniqueSQL Stored Procedurest1505.001100%live
TechniqueCompromise Client Software Binaryt1554100%live
SubTechniqueCompromise Software Supply Chaint1195.002100%live
SubTechniqueBootkitt1542.003100%live
SubTechniqueCompromise Software Dependencies and Development Toolst1195.001100%live
SubTechniqueMMCt1218.014100%live
SubTechniqueServices File Permissions Weaknesst1574.010100%live
SubTechniqueAdd-inst1137.006100%live
SubTechniqueMSBuildt1127.001100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Network Vulnerability Assessment
Defence
System Vulnerability Assessment
Defence
Data Inventory
Defence
Software Inventory
Defence
Configuration Inventory
Defence
Hardware Component Inventory
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.