Execution Prevention

Block execution of code on a system through application control, and/or script blocking.

ID: M0938
Version: 1.0
Created: 11 June 2019
Last Modified: 24 October 2022

Techniques Addressed by Mitigation

Domain ID Name Use
ICS T0807 Command-Line Interface

Execution prevention may block malicious software from accessing protected resources through the command line interface.

ICS T0871 Execution through API

Minimize the exposure of API calls that allow the execution of code.

ICS T0849 Masquerading

Use tools that restrict program execution via application control by attributes other than file name for common system and application utilities.

ICS T0834 Native API

Minimize the exposure of API calls that allow the execution of code.

ICS T0853 Scripting

Execution prevention may prevent malicious scripts from accessing protected resources.

ICS T0863 User Execution

Application control may be able to prevent the running of executables masquerading as other files.