Execution Prevention
Block execution of code on a system through application control, and/or script blocking.
ID: M0938
Security Controls: IEC 62443-3-3:2013 - SR 3.2, IEC 62443-4-2:2019 - CR 3.2, NIST SP 800-53 Rev. 5 - SI-3
Version: 1.0
Created: 11 June 2019
Last Modified: 19 September 2023
Techniques Addressed by Mitigation
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| ICS | T0807 | Command-Line Interface |
Execution prevention may block malicious software from accessing protected resources through the command line interface. |
|
| ICS | T0871 | Execution through API |
Minimize the exposure of API calls that allow the execution of code. |
|
| ICS | T0849 | Masquerading |
Use tools that restrict program execution via application control by attributes other than file name for common system and application utilities. |
|
| ICS | T0834 | Native API |
Minimize the exposure of API calls that allow the execution of code. |
|
| ICS | T0853 | Scripting |
Execution prevention may prevent malicious scripts from accessing protected resources. |
|
| ICS | T0863 | User Execution |
Application control may be able to prevent the running of executables masquerading as other files. |
|