{"description": "ICS techniques mitigated by Execution Prevention, ATT&CK mitigation M0938 (v1.0)", "name": "Execution Prevention (M0938)", "domain": "ics-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T0807", "comment": "Execution prevention may block malicious software from accessing protected resources through the command line interface.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0871", "comment": "Minimize the exposure of API calls that allow the execution of code.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0849", "comment": "Use tools that restrict program execution via application control by attributes other than file name for common system and application utilities.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0834", "comment": "Minimize the exposure of API calls that allow the execution of code.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0853", "comment": "Execution prevention may prevent malicious scripts from accessing protected resources.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0894", "comment": "Disallow the execution of applications/programs which are not required for normal system functions, including any specific command-line arguments which may allow the execution of proxy commands or application binaries.", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T0863", "comment": "Application control may be able to prevent the running of executables masquerading as other files.\n", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Execution Prevention", "color": "#66b1ff"}]}