Esc

Kernel-based Process Isolation

D3-KBPI
D3-KBPI (Kernel-based Process Isolation)

Definition

Using kernel-level capabilities to isolate processes.

loading...
json

Technique Subclasses

There are 3 techniques in this category, Kernel-based Process Isolation.

Name ID Definition Synonyms
Kernel-based Process Isolation D3-KBPI Using kernel-level capabilities to isolate processes.
- System Call Filtering D3-SCF Configuring a kernel to use an allow or deny list to filter kernel api calls.
- Mandatory Access Control D3-MAC Controlling access to local computer system resources with kernel-level capabilities.
loading...

References

All
Internet Article

The following references were used to develop the Kernel-based Process Isolation knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

Overview of the seccomp sandbox

Reference Type: Internet Article
Source: https://code.google.com/archive/p/seccompsandbox/wikis/overview.wiki

A knowledge graph of cybersecurity countermeasures