CAPEC - CAPEC-581: Security Software Footprinting (Version 2.11)

Home > CAPEC List > CAPEC-581: Security Software Footprinting (Version 2.11)

CAPEC-581: Security Software Footprinting

Security Software Footprinting

Definition in a New Window

Attack Pattern ID: 581

Abstraction: Detailed

Status: Draft

Completeness: Stub

Presentation Filter:

Summary

Adversaries may attempt to get a listing of security tools that are installed on the system and their configurations. This may include security related system features (such as a built-in firewall or anti-spyware) as well as third-party security software.

Solutions and Mitigations

Identify programs that may be used to acquire security tool information and block them by using a software restriction policy or tools that restrict program execution by process whitelisting.

Related Attack Patterns

Nature	Type	ID	Name	View(s) this relationship pertains to
ChildOf	Standard Attack Pattern	580	Application Footprinting	Mechanisms of Attack (primary)1000

References

[R.581.1] ATT&CK Project. "Security software enumeration (1063)". MITRE. <https://attack.mitre.org/wiki/Security_software_enumeration>.

Content History

Submissions
Submitter	Organization	Date	Source
CAPEC Content Team	The MITRE Corporation	2015-11-09	Internal_CAPEC_Team

More information is available — Please select a different filter.

Page Last Updated or Reviewed: July 31, 2017


	Use of the Common Attack Pattern Enumeration and Classification dictionary and classification taxonomy, and the associated references from this website, are subject to the Terms of Use. For more information, please email capec@mitre.org. CAPEC is sponsored by US-CERT in the office of Cybersecurity and Communications at the U.S. Department of Homeland Security. Copyright © 2007 - 2017, The MITRE Corporation. CAPEC and the CAPEC logo are trademarks of The MITRE Corporation.	Privacy policy Terms of use Contact us

Common Attack Pattern Enumeration and Classification

CAPEC-581: Security Software Footprinting