The sub-techniques beta is now live! Read the release blog post for more info.

Limit Hardware Installation

Block users or groups from installing or using unapproved hardware on systems, including USB devices.

ID: M1034
Version: 1.0
Created: 11 June 2019
Last Modified: 11 June 2019

Techniques Addressed by Mitigation

Domain ID Name Description
Enterprise T1200 Hardware Additions

Block unknown devices and accessories by endpoint security configuration and monitoring agent.

Enterprise T1091 Replication Through Removable Media

Limit the use of USB devices and removable media within a network.