Skip to content

Hide Navigation Hide TOC

Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3)

Use capabilities to detect and block conditions that may lead to or be indicative of a software exploit occurring.

Cluster A Galaxy A Cluster B Galaxy B Level
Electron Applications - T1218.015 (561ae9aa-c28a-4144-9eec-e7027a14c8c3) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Exploitation of Remote Services - T1210 (9db0cf3a-a3c9-4012-8268-123b9db6fd82) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Exploitation for Defense Evasion - T1211 (fe926152-f431-4baf-956c-4ad3cb0bf23b) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action Exploitation for Credential Access - T1212 (9c306d8d-cde7-4b4c-b6e8-d0bb16caca36) Attack Pattern 1
Exploitation for Client Execution - T1203 (be2dcee9-a7a7-4e38-afd6-21b31ecc3d63) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Exploit Public-Facing Application - T1190 (3f886f2a-874f-4333-b794-aa6075009b1c) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Regsvr32 - T1218.010 (b97f1d35-4249-4486-a6b5-ee60ccf24fab) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Rundll32 - T1218.011 (045d0922-2310-4e60-b5e4-3302302cb3c5) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Drive-by Compromise - T1189 (d742a578-d70e-4d0e-96a6-02a9c30204e6) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action Taint Shared Content - T1080 (246fd3c7-f5e3-466d-8787-4c13d9e3b61c) Attack Pattern 1
Exploitation for Privilege Escalation - T1068 (b21c3b2d-02e6-45b1-980b-e69051040839) Attack Pattern Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action 1
Exploit Protection - M1050 (d2a24649-9694-4c97-9c62-ce7b270bf6a3) Course of Action System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 1
Electron Applications - T1218.015 (561ae9aa-c28a-4144-9eec-e7027a14c8c3) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2
Regsvr32 - T1218.010 (b97f1d35-4249-4486-a6b5-ee60ccf24fab) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2
Rundll32 - T1218.011 (045d0922-2310-4e60-b5e4-3302302cb3c5) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2