Check Point offers the widest coverage of the MITRE ATT&CK matrix

Our AI prevention technologies uniquely utilize the MITRE knowledge base taxonomy to predict zero-day attacks and accelerate detection, investigation and response across network, endpoint, mobile and cloud.


Check out Check Point’s coverage of the MITRE ATT&CK mobile matrix

Below are the tactics and techniques representing the MITRE ATT&CK® Matrix for Mobile. The Matrix contains information for the following platforms: Windows, macOS, Linux, PRE, Azure AD, Office 365, Google Workspace, SaaS, IaaS, Network, Containers.

Initial Access (4 techniques)

Drive-By Compromise
Lockscreen Bypass
Replication Through Removable Media
Supply Chain Compromise (sub-techniques: Compromise Software Dependencies and Development Tools, Compromise Hardware Supply Chain, Compromise Software Supply Chain)

Execution (3 techniques)

Command and Scripting Interpreter (sub-techniques: Unix Shell)
Native API
Scheduled Task/Job

Persistence (7 techniques)

Boot or Logon Initialization Scripts
Compromise Application Executable
Compromise Client Software Binary
Event Triggered Execution (sub-techniques: Broadcast Receivers)
Foreground Persistence
Hijack Execution Flow (sub-techniques: System Runtime API Hijacking)
Scheduled Task/Job

Privilege Escalation (3 techniques)

Abuse Elevation Control Mechanism (sub-techniques: Device Administrator Permissions)
Exploitation for Privilege Escalation
Process Injection (sub-techniques: Ptrace System Calls)

Defense Evasion (14 techniques)

Download New Code at Runtime
Execution Guardrails (sub-techniques: Geofencing)
Foreground Persistence
Hide Artifacts (sub-techniques: Suppress Application Icon, User Evasion)
Hooking
Impair Defenses (sub-techniques: Prevent Application Removal, Device Lockout, Disable or Modify Tools)
Indicator Removal on Host (sub-techniques: Uninstall Malicious Application, File Deletion, Disguise Root/Jailbreak Indicators)
Input Injection
Native API
Obfuscated Files or Information (sub-techniques: Steganography, Software Packing)
Process Injection (sub-techniques: Ptrace System Calls)
Proxy Through Victim
Subvert Trust Controls (sub-techniques: Code Signing Policy Modification)
Virtualization/Sandbox Evasion (sub-techniques: System Checks)

Credential Access (5 techniques)

Access Notifications
Clipboard Data
Credentials from Password Store (sub-techniques: Keychain)
Input Capture (sub-techniques: Keylogging, GUI Input Capture)
Steal Application Access Token (sub-techniques: URI Hijacking)

Discovery (8 techniques)

File and Directory Discovery
Location Tracking (sub-techniques: Remote Device Management Services, Impersonate SS7 Nodes)
Network Service Scanning
Process Discovery
Software Discovery (sub-techniques: Security Software Discovery)
System Information Discovery
System Network Configuration Discovery
System Network Connections Discovery

Lateral Movement (2 techniques)

Exploitation of Remote Services
Replication Through Removable Media

Collection (13 techniques)

Access Notifications
Adversary-in-the-Middle
Archive Collected Data
Audio Capture
Call Control
Clipboard Data
Data from Local System
Input Capture (sub-techniques: Keylogging, GUI Input Capture)
Location Tracking (sub-techniques: Remote Device Management Services, Impersonate SS7 Nodes)
Protected User Data (sub-techniques: Calendar Entries, Call Log, Contact List, SMS Messages)
Screen Capture
Stored Application Data
Video Capture

Command and Control (8 techniques)

Application Layer Protocol (sub-techniques: Web Protocols)
Call Control
Dynamic Resolution (sub-techniques: Domain Generation Algorithms)
Encrypted Channel (sub-techniques: Symmetric Cryptography, Asymmetric Cryptography)
Ingress Tool Transfer
Non-Standard Port
Out of Band Data
Web Service (sub-techniques: Dead Drop Resolver, Bidirectional Communication, One-Way Communication)

Exfiltration (2 techniques)

Exfiltration Over Alternative Protocol (sub-techniques: Exfiltration Over Unencrypted Non-C2 Protocol)
Exfiltration Over C2 Channel

Impact (9 techniques)

Account Access Removal
Call Control
Data Encrypted for Impact
Data Manipulation (sub-techniques: Transmitted Data Manipulation)
Endpoint Denial of Service
Generate Traffic from Victim
Input Injection
Network Denial of Service
SMS Control

UEM is NOT Security

Watch the Video to learn why UEM is NOT security
