Isolatetechnique

D3-EIExecution Isolation

Execution Isolation

Definition

Defends against62

TypeTargetConfidenceTier
TechniqueUse Alternate Authentication Materialt1550100%live
SubTechniqueMshtat1218.005100%live
SubTechniquePath Interception by PATH Environment Variablet1574.007100%live
SubTechniqueSecurity Account Managert1003.002100%live
SubTechniqueAsynchronous Procedure Callt1055.004100%live
SubTechniqueCMSTPt1218.003100%live
TechniqueXSL Script Processingt1220100%live
SubTechniqueInvalid Code Signaturet1036.001100%live
TechniqueSystem Owner/User Discoveryt1033100%live
TechniqueProcess Discoveryt1057100%live
SubTechniqueShortcut Modificationt1547.009100%live
SubTechniqueParent PID Spoofingt1134.004100%live
TechniqueCommand and Scripting Interpretert1059100%live
SubTechniqueSoftware Packingt1027.002100%live
TechniqueMulti-Factor Authentication Request Generationt1621100%live
TechniqueDeobfuscate/Decode Files or Informationt1140100%live
SubTechniqueLogon Script (Windows)t1037.001100%live
SubTechniquePowerShell Profilet1546.013100%live
SubTechniqueLSASS Memoryt1003.001100%live
SubTechniquePath Interception by Unquoted Patht1574.009100%live
SubTechniqueRename System Utilitiest1036.003100%live
SubTechniqueThread Execution Hijackingt1055.003100%live
SubTechniqueProcess Doppelgängingt1055.013100%live
SubTechniqueRegistry Run Keys / Startup Foldert1547.001100%live
SubTechniqueTransport Agentt1505.002100%live
SubTechniqueScheduled Taskt1053.005100%live
SubTechniqueRC Scriptst1037.004100%live
SubTechniqueAppCert DLLst1546.009100%live
TechniqueWindows Management Instrumentationt1047100%live
TechniqueScheduled Task/Jobt1053100%live

Showing top 30 of 62 by confidence. Click any target to see the full neighbourhood.

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Defence
Identifier Analysis
Defence
Process Analysis
Defence
Content Filtering
Defence
File Analysis
Defence
Decoy Environment
Defence
Object Eviction
Sourced from MITRE D3FEND ontology. Curated by Adam Lundqvist, SQUR.