SC-3: Security Function Isolation
From NIST's SP800-53:
Isolate security functions from nonsecurity functions.
Cyber Threat Graph Context
Explore how this control relates to the wider threat graph
MITRE ATT&CK Techniques
See which MITRE ATT&CK techniques this control helps to protect against.
| ATT&CK ID | Title | Associated Tactics |
|---|---|---|
| T1559.001 | Component Object Model | Execution |
| T1003.001 | LSASS Memory | Credential Access |
| T1559.002 | Dynamic Data Exchange | Execution |
| T1211 | Exploitation for Defense Evasion | Defense Evasion |
| T1210 | Exploitation of Remote Services | Lateral Movement |
| T1189 | Drive-by Compromise | Initial Access |
| T1134.005 | SID-History Injection | Defense Evasion, Privilege Escalation |
| T1602.002 | Network Device Configuration Dump | Collection |
| T1203 | Exploitation for Client Execution | Execution |
| T1021.003 | Distributed Component Object Model | Lateral Movement |
| T1212 | Exploitation for Credential Access | Credential Access |
| T1047 | Windows Management Instrumentation | Execution |
| T1559 | Inter-Process Communication | Execution |
| T1602 | Data from Configuration Repository | Collection |
| T1068 | Exploitation for Privilege Escalation | Privilege Escalation |
| T1602.001 | SNMP (MIB Dump) | Collection |
| T1611 | Escape to Host | Privilege Escalation |
| T1190 | Exploit Public-Facing Application | Initial Access |