ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: PR006.001
  • Created: 25th May 2024
  • Updated: 01st June 2024
  • Contributor: The ITM Team

Security Enumeration via Windows Registry

A subject attempts to identify security software through keys and values within the Windows registry.

Prevention

ID Name Description
PV002Restrict Access to Administrative Privileges

The Principle of Least Privilege should be enforced, and period reviews of permissions conducted to ensure that accounts have the minimum level of access required to complete duties as per their role.