There are 8 techniques in this category, Execution Isolation.
|Execution Isolation techniques prevent application processes from accessing non-essential system resources, such as memory, devices, or files.
|- System Call Filtering
|Configuring a kernel to use an allow or deny list to filter kernel api calls.
|- IO Port Restriction
|Limiting access to computer input/output (IO) ports to restrict unauthorized devices.
|- Kernel-based Process Isolation
|Using kernel-level capabilities to isolate processes.
|- Executable Allowlisting
|Using a digital signature to authenticate a file before opening.
|File Signature Authentication
|- Executable Denylisting
|Blocking the execution of files on a host in accordance with defined application policy rules.
|- Hardware-based Process Isolation
|Preventing one process from writing to the memory space of another process through hardware based address manager implementations.
|- Mandatory Access Control
|Controlling access to local computer system resources with kernel-level capabilities.
A knowledge graph of cybersecurity countermeasures