
The MCPwn Campaign: Unauthorized Nginx Server Takeovers
The Nginx UI campaign involves exploitation of CVE-2026-33032. Threat actors are leveraging this vulnerability to potentially gain unauthorized access or control over Nginx UI instances.
Indicators of Compromise
Hashes (2)
6c8efbcef3af80a574cb2aa2224c145bb2e37c2f3d3f091571708288ceb22d5f12d399e6966db58f6d189d606ac34cc8IPv4 (1)
37.27.244.222Notes
<div class="content-body"><span class="content-title">CONCLUSION</span><p class="content-description">While the provided article is extremely limited, it suggests a potential vulnerability (CVE-2026-33032) in Nginx UI is being actively investigated. The lack of detailed information makes assessing the full scope and impact challenging. Organizations using Nginx UI should prioritize investigating CVE-2026-33032 and applying any available patches or workarounds. SOCRadar's IOC Radar can be used to investigate the CVE and any related indicators. Furthermore, SOCRadar's <a href="https://socradar.io/products/attack-surface-management/">Attack Surface Management </a>can help identify vulnerable Nginx UI instances within an organization's infrastructure. Monitoring the dark web for discussions related to Nginx UI exploits using SOCRadar's <a href="https://socradar.io/products/dark-web-monitoring/">Dark Web Monitoring</a> can provide early warnings of potential attacks. SOCRadar's <a href="https://socradar.io/products/cyber-threat-intelligence/">Cyber Threat Intelligence</a> can provide updates on threat actor TTPs.</p></div>
Mitigation
<span id="docs-internal-guid-c9ef0698-7fff-5455-4eb2-714914a742fb"><div style="margin-left:0pt;" align="left"><table style="border:none;border-collapse:collapse;"><colgroup><col><col><col><col><col></colgroup><thead><tr style="height:0pt;"><th style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#1f3864;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(255, 255, 255); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Technique ID</span></p></th><th style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#1f3864;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(255, 255, 255); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Technique Name</span></p></th><th style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#1f3864;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(255, 255, 255); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Mitigation ID</span></p></th><th style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#1f3864;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(255, 255, 255); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Mitigation Name</span></p></th><th style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#1f3864;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height: 1.2; margin-top: 0pt; margin-bottom: 0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(255, 255, 255); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Description</span></p></th></tr></thead><tbody><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1033/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1033</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">System Owner/User Discovery</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">–</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No specific mitigation</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No MITRE-specific mitigation recommended for this discovery technique.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1028/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1028</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Operating System Configuration</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict access to unnecessary system commands to reduce discovery surface.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1003/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1003</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">OS Credential Dumping</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1041/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1041</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Encrypt Sensitive Information</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Store credentials encrypted at rest.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1043/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1043</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Credential Access Protection</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enable Windows Credential Guard and Protected Users security group.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict access to LSASS and apply least privilege principles.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1027/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1027</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Password Policies</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enforce complex, lengthy passwords to slow hash cracking.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1028/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1028</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Operating System Configuration</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable WDigest authentication to prevent plaintext credential caching.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1015/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1015</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Active Directory Configuration</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict Domain Replication rights to prevent DCSync attacks.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1017/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1017</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">User Training</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Educate users about credential phishing and theft risks.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1059/007/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1059.007</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Command and Scripting Interpreter: JavaScript</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1040</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Behavior Prevention on Endpoint</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Use EDR solutions to block suspicious JavaScript behavior.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1038/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1038</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Execution Prevention</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enforce application allowlisting (AppLocker, WDAC).</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1042/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1042</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable or Remove Feature or Program</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable WScript/CScript on systems where scripting is not required.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict script engine execution rights to authorized users.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1082/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1082</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">System Information Discovery</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">–</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No specific mitigation</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No MITRE-specific mitigation recommended for this discovery technique.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Minimize access to commands revealing sensitive system configuration details.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1190/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1190</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Exploit Public-Facing Application</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1048/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1048</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Application Isolation and Sandboxing</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Run web applications in isolated environments to contain exploitation impact.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1030/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1030</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Segmentation</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Isolate internet-facing systems from the internal corporate network.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1016/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1016</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Vulnerability Scanning</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Conduct regular vulnerability scans and apply patches promptly.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Configure web service accounts with least privilege.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1050/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1050</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Exploit Protection</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Deploy WAF, IPS, and OS-level exploit mitigation technologies.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1051/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1051</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Update Software</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Keep all public-facing software patched and up to date.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1055/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1055</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Process Injection</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1040</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Behavior Prevention on Endpoint</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Use EDR to detect and block anomalous in-memory code execution.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict access to sensitive system processes.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1505/003/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1505.003</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Server Software Component: Web Shell</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1042/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1042</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable or Remove Feature or Program</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Remove unused web frameworks and script interpreters from servers.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1018/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1018</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">User Account Management</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict write permissions for web server service accounts.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1045/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1045</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Code Signing</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Verify integrity of files deployed to the server through signing.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1548/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1548</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Abuse Elevation Control Mechanism</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1047/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1047</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Audit</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Regularly audit UAC settings and privilege escalation events.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1052/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1052</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">User Account Control</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Configure UAC to the highest enforcement level.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Manage admin accounts with minimal required privileges.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1028/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1028</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Operating System Configuration</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Harden sudo rules; audit SUID/SGID binaries on Linux systems.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1090/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1090</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Proxy</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1037/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1037</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Filter Network Traffic</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Block connections to untrusted proxy servers at network perimeter.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1031/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1031</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Intrusion Prevention</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Deploy IPS rules to detect and block C2 traffic patterns through proxies.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1020/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1020</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">SSL/TLS Inspection</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Decrypt and inspect encrypted traffic to identify proxy-based C2 tunneling.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1059/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1059</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Command and Scripting Interpreter</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1045/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1045</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Code Signing</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Require digitally signed scripts (enforce PowerShell execution policy).</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1042/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1042</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable or Remove Feature or Program</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable unused scripting engines and interpreters.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1038/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1038</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Execution Prevention</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enforce application allowlisting with AppLocker or WDAC.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict script execution permissions to authorized roles.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1040</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Behavior Prevention on Endpoint</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Use EDR to detect and block malicious script execution behavior.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1083/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1083</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">File and Directory Discovery</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">–</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No specific mitigation</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No MITRE-specific mitigation recommended for this discovery technique.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Minimize read permissions on critical files and directories.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1078/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1078</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Valid Accounts</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1036/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1036</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Account Use Policies</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enforce multi-factor authentication (MFA) for all accounts.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Strictly control and monitor privileged account usage.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1027/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1027</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Password Policies</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enforce strong passwords and periodic mandatory rotation.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1015/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1015</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Active Directory Configuration</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable stale, unused, and dormant accounts promptly.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1017/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1017</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">User Training</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Train users to recognize phishing and credential theft attempts.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1027/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1027</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Obfuscated Files or Information</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1049/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1049</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Antivirus/Antimalware</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Deploy AV/EDR solutions capable of detecting obfuscated files and scripts.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1040</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Behavior Prevention on Endpoint</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Use behavioral analysis engines to detect and block obfuscated code execution.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1486/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1486</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Data Encrypted for Impact</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1053/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1053</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Data Backup</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Maintain offline, immutable backups and regularly test restoration procedures.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1040</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Behavior Prevention on Endpoint</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Use EDR to detect and block ransomware-like mass file encryption behavior.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict broad file access permissions to limit encryption blast radius.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1573/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1573</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Encrypted Channel</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1031/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1031</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Intrusion Prevention</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Deploy IPS rules detecting abnormal C2 communication patterns over encrypted channels.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1037/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1037</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Filter Network Traffic</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Block connections to known malicious certificates and C2 IP addresses.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1020/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1020</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">SSL/TLS Inspection</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Decrypt and inspect TLS traffic to identify C2 communications hiding in encryption.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1203/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1203</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Exploitation for Client Execution</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1048/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1048</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Application Isolation and Sandboxing</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Run browsers and office applications in sandboxed environments.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1050/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1050</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Exploit Protection</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enable DEP, ASLR, CFG, and other OS-level exploit mitigation mechanisms.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1040/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1040</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Behavior Prevention on Endpoint</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Use EDR to detect post-exploitation behaviors following successful exploits.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1051/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1051</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Update Software</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Keep all client-side applications fully patched to remediate exploited vulnerabilities.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1071/001/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1071.001</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Application Layer Protocol: Web Protocols</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1031/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1031</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Intrusion Prevention</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Deploy IPS signatures detecting HTTP/HTTPS-based C2 communication patterns.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1037/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1037</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Filter Network Traffic</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Block known malicious domains and IP addresses at the network perimeter.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1018/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1018</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Remote System Discovery</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">–</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No specific mitigation</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">No MITRE-specific mitigation recommended for this discovery technique.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1030/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1030</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Segmentation</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Limit network scanning blast radius through proper network segmentation.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1105/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1105</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Ingress Tool Transfer</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1031/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1031</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Intrusion Prevention</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Apply IPS signatures to detect and block malicious file downloads from external sources.</span></p></td></tr><tr style="height:0pt;"><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: top; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><br></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1037/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1037</span></a></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Filter Network Traffic</span></p></td><td style="border-width: 0.5pt; border-style: solid; border-color: rgb(170, 170, 170); vertical-align: middle; padding: 5pt 7pt; overflow: hidden; overflow-wrap: break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict file downloads from untrusted or unknown external domains and IP addresses.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/techniques/T1021/001/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">T1021.001</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-weight: 700; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Remote Services: Remote Desktop Protocol</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1035/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1035</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Limit Access to Resource Over Network</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Restrict RDP access to authorized source IPs only; require VPN for remote access.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1030/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1030</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Network Segmentation</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Confine RDP traffic within trusted network zones and block from internet.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1028/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1028</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Operating System Configuration</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Disable RDP on all systems that do not explicitly require it.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1027/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1027</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Password Policies</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Enforce strong passwords and MFA for all RDP-enabled accounts.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1026/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1026</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Privileged Account Management</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Manage RDP accounts with least privilege; avoid RDP with domain admin accounts.</span></p></td></tr><tr style="height:0pt;"><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:top;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><br></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;text-align: center;margin-top:0pt;margin-bottom:0pt;"><a href="https://attack.mitre.org/mitigations/M1047/"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(17, 85, 204); background-color: transparent; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;">M1047</span></a></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Audit</span></p></td><td style="border-left:solid #aaaaaa 0.5pt;border-right:solid #aaaaaa 0.5pt;border-bottom:solid #aaaaaa 0.5pt;border-top:solid #aaaaaa 0.5pt;vertical-align:middle;background-color:#ebf0fa;padding:5pt 7pt 5pt 7pt;overflow:hidden;overflow-wrap:break-word;"><p style="line-height:1.2;margin-top:0pt;margin-bottom:0pt;"><span style="font-size: 11pt; font-family: Arial, sans-serif; color: rgb(0, 0, 0); background-color: transparent; font-variant: normal; vertical-align: baseline; white-space: pre-wrap;">Regularly audit active RDP sessions and logon activity for anomalies.</span></p></td></tr></tbody></table></div></span>