GCP Shielded VM Capability Group

All Mappings

Loading, please wait
Capability ID
Capability Description
Category
Value
ATT&CK ID
ATT&CK Name
Notes
shielded_vm Shielded VM protectsignificant T1542 Pre-OS Boot
Comments
This control is able to mitigate malicious modification of any portion of the pre-os boot process through a combination of Secure Boot to verify signatures of firmware, Measured Boot to establish a known good boot baseline, and Integrity Monitoring to measure subsequent boots to previously established baselines.
References
shielded_vm Shielded VM protectpartial T1014 Rootkit
Comments
This control is able to mitigate the use of rootkits that target any portion of the boot process, such as malicious modification of the Master Boot Record or UEFI. This control does not mitigate rootkits that exist in the kernel or userland.
References
Showing 1 to 2 of 2 rows

Capabilities

Loading, please wait
Capability ID
Capability Name
Number of Mappings
shielded_vm Shielded VM 2
Showing 1 to 1 of 1 rows