| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| endpoint_management | Endpoint Management | protect | partial | T1110 | Brute Force |
Comments
This control allows for enforcement of strong password requirements for all mobile devices, desktops, laptops, and other endpoints. This control also allows for use of Google Credential Provider for Windows (GCPW) to utilize Google single sign on for Windows devices that can leverage two-factor authentication and login challenges.
References
|
| endpoint_management | Endpoint Management | respond | partial | T1078 | Valid Accounts |
Comments
This control allows for blocking endpoints that have been compromised from accessing company networks or resources. This control also allows for deletion of any compromised accounts and data from compromised endpoints.
References
|
| endpoint_management | Endpoint Management | protect | partial | T1052.001 | Exfiltration over USB |
Comments
This control can prevent exfiltration over USB by disabling USB file transfers on enrolled Android devices.
References
|
| endpoint_management | Endpoint Management | protect | partial | T1567.002 | Exfiltration to Cloud Storage |
Comments
This control may restrict which apps can be installed and accessed on enrolled devices, preventing exfiltration of sensitive information from compromised endpoints to cloud storage.
References
|