SC-39: Process Isolation

From NIST's SP800-53:

Maintain a separate execution domain for each executing system process.

Cyber Threat Graph Context

Explore how this control relates to the wider threat graph

Generated from NISTs SP800-53/CSF Crosswalk mappings.

Search:

Control ID	Description
PR.PT-4	Communications and control networks are protected

Showing 1 to 1 of 1 entries

See which MITRE ATT&CK techniques this control helps to protect against.

Search:

ATT&CK ID	Title	Associated Tactics
T1003.002	Security Account Manager	Credential Access
T1189	Drive-by Compromise	Initial Access
T1003.001	LSASS Memory	Credential Access
T1003.008	/etc/passwd and /etc/shadow	Credential Access
T1211	Exploitation for Defense Evasion	Defense Evasion
T1068	Exploitation for Privilege Escalation	Privilege Escalation
T1003.007	Proc Filesystem	Credential Access
T1203	Exploitation for Client Execution	Execution
T1003	OS Credential Dumping	Credential Access
T1556.001	Domain Controller Authentication	Credential Access, Defense Evasion, Persistence
T1547.005	Security Support Provider	Persistence, Privilege Escalation
T1556	Modify Authentication Process	Credential Access, Defense Evasion, Persistence
T1003.005	Cached Domain Credentials	Credential Access
T1547.008	LSASS Driver	Persistence, Privilege Escalation
T1003.004	LSA Secrets	Credential Access
T1212	Exploitation for Credential Access	Credential Access
T1210	Exploitation of Remote Services	Lateral Movement
T1003.006	DCSync	Credential Access
T1003.003	NTDS	Credential Access
T1611	Escape to Host	Privilege Escalation
T1190	Exploit Public-Facing Application	Initial Access
T1547.002	Authentication Package	Persistence, Privilege Escalation

Showing 1 to 22 of 22 entries