Limit Software Installation
Block users or groups from installing unapproved software.
Techniques Addressed by Mitigation
| Domain | ID | Name | Use | |
|---|---|---|---|---|
| Enterprise | T1195 | 供应链破坏 |
Where possible, consider requiring developers to pull from internal repositories containing verified and approved packages rather than from external ones.[1] |
|
| .001 | Compromise Software Dependencies and Development Tools |
Where possible, consider requiring developers to pull from internal repositories containing verified and approved packages rather than from external ones.[1] |
||
| Enterprise | T1543 | 创建或修改系统进程 |
Restrict software installation to trusted repositories only and be cautious of orphaned software packages. |
|
| .002 | Systemd Service |
Restrict software installation to trusted repositories only and be cautious of orphaned software packages. |
||
| Enterprise | T1547 | .013 | 启动或登录自动启动执行: XDG Autostart Entries |
Restrict software installation to trusted repositories only and be cautious of orphaned software packages. |
| Enterprise | T1059 | 命令与脚本解释器 |
Prevent user installation of unrequired command and scripting interpreters. |
|
| .006 | Python |
Prevent users from installing Python where not required. |
||
| .011 | Lua |
Prevent users from installing Lua where not required. |
||
| Enterprise | T1176 | 浏览器扩展 |
Only install browser extensions from trusted sources that can be verified. Browser extensions for some browsers can be controlled through Group Policy. Change settings to prevent the browser from installing extensions without sufficient permissions. |
|
| Enterprise | T1072 | 软件部署工具 |
Restrict the use of third-party software suites installed within an enterprise network. |
|
| Enterprise | T1021 | .005 | 远程服务: VNC |
Restrict software installation to user groups that require it. A VNC server must be manually installed by the user or adversary. |
| Enterprise | T1564 | 隐藏伪装 |
Restrict the installation of software that may be abused to create hidden desktops, such as hVNC, to user groups that require it. |
|
| .003 | Hidden Window |
Restrict the installation of software that may be abused to create hidden desktops, such as hVNC, to user groups that require it. |
||