Enum: AttackDefenseBypassEnum (DEPRECATED)

DEPRECATED in ATT&CK Specification v3.3.0. Will be removed in v4.0.0. Closed enumeration of defensive tools, methodologies, or processes that a technique is documented to bypass, circumvent, or evade. Values are sourced from the historical ATT&CK data model and have been preserved verbatim including case variants.

URI: attack:AttackDefenseBypassEnum

Permissible Values

| Value | Meaning | Description |
| --- | --- | --- |
| Signature-based detection | None | |
| Signature-based Detection | None | |
| Multi-Factor Authentication | None | |
| Network Intrusion Detection System | None | |
| Network intrusion detection system | None | |
| Application Control | None | |
| Application control | None | |
| Host forensic analysis | None | |
| Host Forensic Analysis | None | |
| Exploit Prevention | None | |
| Data Execution Prevention | None | |
| Heuristic Detection | None | |
| Heuristic detection | None | |
| File system access controls | None | |
| File Monitoring | None | |
| File monitoring | None | |
| Digital Certificate Validation | None | |
| Logon Credentials | None | |
| Firewall | None | |
| Static File Analysis | None | |
| Notarization | None | |
| System access controls | None | |
| System Access Controls | None | |
| Binary Analysis | None | |
| Web Content Filters | None | |
| Host intrusion prevention systems | None | |
| Host Intrusion Prevention Systems | None | |
| Application whitelisting | None | |
| Defensive network service scanning | None | |
| User Mode Signature Validation | None | |
| Encryption | None | |
| Log Analysis | None | |
| Log analysis | None | |
| Autoruns Analysis | None | |
| Anti Virus | None | |
| Anti-virus | None | |
| Gatekeeper | None | |
| Process whitelisting | None | |
| Windows User Account Control | None | |
| Whitelisting by file name or path | None | |

Slots

| Name | Description |
| --- | --- |
| x_mitre_defense_bypassed | DEPRECATED in ATT&CK Specification v3 |

In Subsets

Identifier and Mapping Information

Schema Source

  • from schema: https://w3id.org/lmodel/attack

LinkML Source

name: AttackDefenseBypassEnum
description: DEPRECATED in ATT&CK Specification v3.3.0. Will be removed in v4.0.0.
  Closed enumeration of defensive tools, methodologies, or processes that a technique
  is documented to bypass, circumvent, or evade. Values are sourced from the historical
  ATT&CK data model and have been preserved verbatim including case variants.
deprecated: Deprecated in ATT&CK Specification v3.3.0; will be removed in v4.0.0.
in_subset:
- deprecated
from_schema: https://w3id.org/lmodel/attack
rank: 1000
permissible_values:
  Signature-based detection:
    text: Signature-based detection
  Signature-based Detection:
    text: Signature-based Detection
  Multi-Factor Authentication:
    text: Multi-Factor Authentication
  Network Intrusion Detection System:
    text: Network Intrusion Detection System
  Network intrusion detection system:
    text: Network intrusion detection system
  Application Control:
    text: Application Control
  Application control:
    text: Application control
  Host forensic analysis:
    text: Host forensic analysis
  Host Forensic Analysis:
    text: Host Forensic Analysis
  Exploit Prevention:
    text: Exploit Prevention
  Data Execution Prevention:
    text: Data Execution Prevention
  Heuristic Detection:
    text: Heuristic Detection
  Heuristic detection:
    text: Heuristic detection
  File system access controls:
    text: File system access controls
  File Monitoring:
    text: File Monitoring
  File monitoring:
    text: File monitoring
  Digital Certificate Validation:
    text: Digital Certificate Validation
  Logon Credentials:
    text: Logon Credentials
  Firewall:
    text: Firewall
  Static File Analysis:
    text: Static File Analysis
  Notarization:
    text: Notarization
  System access controls:
    text: System access controls
  System Access Controls:
    text: System Access Controls
  Binary Analysis:
    text: Binary Analysis
  Web Content Filters:
    text: Web Content Filters
  Host intrusion prevention systems:
    text: Host intrusion prevention systems
  Host Intrusion Prevention Systems:
    text: Host Intrusion Prevention Systems
  Application whitelisting:
    text: Application whitelisting
  Defensive network service scanning:
    text: Defensive network service scanning
  User Mode Signature Validation:
    text: User Mode Signature Validation
  Encryption:
    text: Encryption
  Log Analysis:
    text: Log Analysis
  Log analysis:
    text: Log analysis
  Autoruns Analysis:
    text: Autoruns Analysis
  Anti Virus:
    text: Anti Virus
  Anti-virus:
    text: Anti-virus
  Gatekeeper:
    text: Gatekeeper
  Process whitelisting:
    text: Process whitelisting
  Windows User Account Control:
    text: Windows User Account Control
  Whitelisting by file name or path:
    text: Whitelisting by file name or path