Skip to content

Hide Navigation Hide TOC

Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee)

An enterprise mobility management (EMM), also known as mobile device management (MDM), system can be used to provision policies to mobile devices to control aspects of their allowed behavior.

Cluster A Galaxy A Cluster B Galaxy B Level
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Application Versioning - T1661 (28fdd23d-aee3-4afe-bc3f-5f1f52929258) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Remote Access Software - T1663 (0b761f2b-197a-40f2-b100-8152cb957c0c) Attack Pattern 1
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action 1
Exploitation of Remote Services - T1428 (22379609-a99f-4a01-bd7e-70f3e105859d) Attack Pattern Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Remote Device Management Services - T1430.001 (9ef05e3d-52db-4c12-be4f-519214bbe91f) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern 1
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) Attack Pattern Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action 1
Replication Through Removable Media - T1458 (667e5707-3843-4da8-bd34-88b922526f0d) Attack Pattern Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action SSL Pinning - T1521.003 (dfafc230-5465-4993-8dc5-f51fa9fec002) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Input Injection - T1516 (d1f1337e-aea7-454c-86bd-482a98ffaf62) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Screen Capture - T1513 (73c26732-6422-4081-8b63-6d0ae93d449e) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Lockscreen Bypass - T1461 (dfe29258-ce59-421c-9dee-e85cb9fa90cd) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Access Notifications - T1517 (39dd7871-f59b-495f-a9a5-3cb8cc50c9b2) Attack Pattern 1
Enterprise Policy - M1012 (649f7268-4c12-483b-ac84-4b7bca9fe2ee) Course of Action Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern 1
GUI Input Capture - T1417.002 (4c58b7c6-a839-4789-bda9-9de33e4d4512) Attack Pattern Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern 2
Code Signing Policy Modification - T1632.001 (fcb11f06-ce0e-490b-bcc1-04a1623579f0) Attack Pattern Subvert Trust Controls - T1632 (79cb02f4-ac4e-4335-8b51-425c9573cce1) Attack Pattern 2
Remote Device Management Services - T1430.001 (9ef05e3d-52db-4c12-be4f-519214bbe91f) Attack Pattern Location Tracking - T1430 (99e6295e-741b-4857-b6e5-64989eb039b4) Attack Pattern 2
Prevent Application Removal - T1629.001 (dc01774a-d1c1-45fb-b506-0a5d1d6593d9) Attack Pattern Impair Defenses - T1629 (20b0931a-8952-42ca-975f-775bad295f1a) Attack Pattern 2
SSL Pinning - T1521.003 (dfafc230-5465-4993-8dc5-f51fa9fec002) Attack Pattern Encrypted Channel - T1521 (ed2c05a1-4f81-4d97-9e1b-aff01c34ae84) Attack Pattern 2
Input Capture - T1417 (a8c31121-852b-46bd-9ba4-674ae5afe7ad) Attack Pattern Keylogging - T1417.001 (b1c95426-2550-4621-8028-ceebf28b3a47) Attack Pattern 2