test_scratch
/
cti-ATT-CK-v13.1
/mobile-attack
/course-of-action
/course-of-action--1553b156-6767-47f7-9eb4-2a692505666d.json
| { | |
| "type": "bundle", | |
| "id": "bundle--15fea9dd-e9f1-4463-84ac-0e57dda42e51", | |
| "spec_version": "2.0", | |
| "objects": [ | |
| { | |
| "x_mitre_domains": [ | |
| "mobile-attack" | |
| ], | |
| "object_marking_refs": [ | |
| "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168" | |
| ], | |
| "type": "course-of-action", | |
| "id": "course-of-action--1553b156-6767-47f7-9eb4-2a692505666d", | |
| "created": "2019-10-18T12:49:58.924Z", | |
| "x_mitre_version": "1.0", | |
| "external_references": [ | |
| { | |
| "source_name": "mitre-attack", | |
| "external_id": "M1005", | |
| "url": "https://attack.mitre.org/mitigations/M1005" | |
| } | |
| ], | |
| "x_mitre_deprecated": true, | |
| "revoked": false, | |
| "description": "Enterprises can vet applications for exploitable vulnerabilities or unwanted (privacy-invasive or malicious) behaviors. Enterprises can inspect applications themselves or use a third-party service.\n\nEnterprises may impose policies to only allow pre-approved applications to be installed on their devices or may impose policies to block use of specific applications known to have issues. In Bring Your Own Device (BYOD) environments, enterprises may only be able to impose these policies over an enterprise-managed portion of the device.\n\nApplication Vetting is not a complete mitigation. Techniques such as [Evade Analysis Environment](https://attack.mitre.org/techniques/T1523) exist that can enable adversaries to bypass vetting.", | |
| "modified": "2022-04-06T14:47:46.019Z", | |
| "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5", | |
| "name": "Application Vetting", | |
| "x_mitre_attack_spec_version": "2.1.0", | |
| "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5" | |
| } | |
| ] | |
| } |