Esc
Platform Hardening
Definition
Hardening components of a Platform with the intention of making them more difficult to exploit.
Platforms includes components such as:
- BIOS UEFI Subsystems
- Hardware security devices such as Trusted Platform Modules
- Boot process logic or code
- Kernel software components
loading...
Technique Subclasses
There are 10 techniques in this category, Platform Hardening.
| Name | ID | Definition | Synonyms |
|---|---|---|---|
| Platform Hardening | D3-PH | Hardening components of a Platform with the intention of making them more difficult to exploit. Platforms includes components such as: * BIOS UEFI Subsystems * Hardware security devices such as Trusted Platform Modules * Boot process logic or code * Kernel software components | Endpoint Hardening , and System Hardening |
| - TPM Boot Integrity | D3-TBI | Assuring the integrity of a platform by demonstrating that the boot process starts from a trusted combination of hardware and software and continues until the operating system has fully booted and applications are running. Sometimes called Static Root of Trust Measurement (STRM). | Static Root of Trust Measurement , and STRM |
| - RF Shielding | D3-RFS | Adding physical barriers to a platform to prevent undesired radio interference. | |
| - Software Update | D3-SU | Replacing old software on a computer system component. | |
| - System Configuration Permissions | D3-SCP | Restricting system configuration modifications to a specific user or group of users. | |
| - File Encryption | D3-FE | Encrypting a file using a cryptographic key. | |
| - Local File Permissions | D3-LFP | Restricting access to a local file by configuring operating system functionality. | |
| - Bootloader Authentication | D3-BA | Cryptographically authenticating the bootloader software before system boot. | Secure Boot |
| - Disk Encryption | D3-DENCR | Encrypting a hard disk partition to prevent cleartext access to a file system. | |
| - Driver Load Integrity Checking | D3-DLIC | Ensuring the integrity of drivers loaded during initialization of the operating system. |
loading...
D3FEND™
A knowledge graph of cybersecurity countermeasures