{"description": "Enterprise techniques mitigated by Limit Software Installation, ATT&CK mitigation M1033 (v1.1)", "name": "Limit Software Installation (M1033)", "domain": "enterprise-attack", "versions": {"layer": "4.5", "attack": "19", "navigator": "5.3.2"}, "techniques": [{"techniqueID": "T1547", "showSubtechniques": true}, {"techniqueID": "T1547.013", "comment": "Restrict software installation to trusted repositories only and be cautious of orphaned software packages.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1059", "comment": "Prevent user installation of unrequired command and scripting interpreters.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1059.006", "comment": "Prevent users from installing Python where not required.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1059.011", "comment": "Prevent users from installing Lua where not required.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1543", "comment": "Restrict software installation to trusted repositories only and be cautious of orphaned software packages.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1543.002", "comment": "Restrict software installation to trusted repositories only and be cautious of orphaned software packages.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1564", "comment": "Restrict the installation of software that may be abused to create hidden desktops, such as hVNC, to user groups that require it.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1564.003", "comment": "Restrict the installation of software that may be abused to create hidden desktops, such as hVNC, to user groups that require it.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1021", "showSubtechniques": true}, {"techniqueID": "T1021.005", "comment": "Restrict software installation to user groups that require it. A VNC server must be manually installed by the user or adversary.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1072", "comment": "Restrict the use of third-party software suites installed within an enterprise network. ", "score": 1, "color": "#66b1ff", "showSubtechniques": false}, {"techniqueID": "T1176", "comment": "Only install extensions from trusted sources that can be verified.", "score": 1, "showSubtechniques": true}, {"techniqueID": "T1176.001", "comment": "Only install browser extensions from trusted sources that can be verified. Browser extensions for some browsers can be controlled through Group Policy. Change settings to prevent the browser from installing extensions without sufficient permissions.", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1176.002", "comment": "Only install IDE extensions from trusted sources that can be verified.  ", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1195", "comment": "Where possible, consider requiring developers to pull from internal repositories containing verified and approved packages rather than from external ones.(Citation: Cider Security Top 10 CICD Security Risks)", "score": 1, "showSubtechniques": true}, {"techniqueID": "T1195.001", "comment": "Where possible, consider requiring developers to pull from internal repositories containing verified and approved packages rather than from external ones.(Citation: Cider Security Top 10 CICD Security Risks)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1204", "comment": "Where possible, consider requiring developers to pull from internal repositories containing verified and approved packages rather than from external ones.", "score": 1, "showSubtechniques": true}, {"techniqueID": "T1204.005", "comment": "Where possible, consider requiring developers to pull from internal repositories containing verified and approved packages rather than from external ones. ", "score": 1, "color": "#66b1ff", "showSubtechniques": true}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Limit Software Installation", "color": "#66b1ff"}]}