{"description": "Mobile techniques mitigated by Deploy Compromised Device Detection Method, ATT&CK mitigation M1010 (v1.0)", "name": "Deploy Compromised Device Detection Method (M1010)", "domain": "mobile-attack", "versions": {"layer": "4.5", "attack": "17", "navigator": "5.1.0"}, "techniques": [{"techniqueID": "T1623", "comment": "Mobile security products can typically detect jailbroken or rooted devices. ", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1623.001", "comment": "Mobile security products can typically detect jailbroken or rooted devices. ", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1634", "comment": "Mobile security products can take appropriate action when jailbroken devices are detected, potentially limiting the adversary\u2019s access to password stores. ", "score": 1, "showSubtechniques": true}, {"techniqueID": "T1634.001", "comment": "Mobile security products can take appropriate action when jailbroken devices are detected, potentially limiting the adversary\u2019s access to password stores.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1404", "comment": "Mobile security products can potentially detect jailbroken or rooted devices.", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T1628", "showSubtechniques": true}, {"techniqueID": "T1628.002", "comment": "Mobile security products that are part of the Samsung Knox for Mobile Threat Defense program could examine running applications while the device is idle, potentially detecting malicious applications that are running primarily when the device is not being used.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1617", "comment": "Mobile security products can often detect rooted devices.", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T1629", "comment": "Mobile security software can typically detect if a device has been rooted or jailbroken and can inform the user, who can then take appropriate action.", "score": 1, "showSubtechniques": true}, {"techniqueID": "T1629.003", "comment": "Mobile security software can typically detect if a device has been rooted or jailbroken and can inform the user, who can then take appropriate action.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Deploy Compromised Device Detection Method", "color": "#66b1ff"}]}