ITM is an open framework - Submit your contributions now.

Insider Threat Matrix™

  • ID: PR006.002
  • Created: 25th May 2024
  • Updated: 01st June 2024
  • Contributor: The ITM Team

Security Enumeration via Running Processes

A subject observes running processes on the target system in an attempt to identify any security agents or software that is running.

Prevention

ID Name Description
PV002Restrict Access to Administrative Privileges

The Principle of Least Privilege should be enforced, and period reviews of permissions conducted to ensure that accounts have the minimum level of access required to complete duties as per their role.