Kernel-based Process Isolation
Definition
Using kernel-level capabilities to isolate processes.
Digital Artifact Relationships:
This defensive technique is related to specific digital artifacts.
Related ATT&CK Techniques:
These mappings are inferred, experimental, and will improve as the knowledge graph grows.
These offensive techniques are determined related because of the way this defensive technique,, .
Defense Evasion
Modify Authentication Process
Use Alternate Authentication Material
Impair Defenses
Credential Access
Modify Authentication Process
Exploitation for Credential Access
OS Credential Dumping
Discovery
System Owner/User Discovery
Persistence
Scheduled Task/Job
Server Software Component
Event Triggered Execution
Lateral Movement
Use Alternate Authentication Material
References
The following references were used to develop the Kernel-based Process Isolation knowledge-base article.
(Note: the consideration of references does not imply specific functionality exists in an offering.)
Overview of the seccomp sandbox
Reference Type: Internet Article