Esc

Process Suspension

Definition

Suspending a running process on a computer system.

How it works

A running process might be suspended to mitigate its immediate effects if it is exhibiting anomalous, unauthorized, or malicious behavior. Defenders may choose to suspend rather than terminate to analyze the process first and resume the process if deemed benign.

System-provided functions

Windows tools

In Windows, the PsSuspend command line utility from the SysInternals Suite provides functionality to suspend processes on a local or remote system.

json

References

All

Specification

The following references were used to develop the Process Suspension knowledge-base article.

(Note: the consideration of references does not imply specific functionality exists in an offering.)

PsSuspend

Reference Type: Specification Organization: Microsoft Author: Mark Russinovich

Source: https://learn.microsoft.com/en-us/sysinternals/downloads/pssuspend

D3FEND^™

A knowledge graph of cybersecurity countermeasures