{"description": "Enterprise techniques mitigated by Out-of-Band Communications Channel, ATT&CK mitigation M1060 (v1.0)", "name": "Out-of-Band Communications Channel (M1060)", "domain": "enterprise-attack", "versions": {"layer": "4.5", "attack": "19", "navigator": "5.3.2"}, "techniques": [{"techniqueID": "T1213", "comment": "Create plans for leveraging a secure out-of-band communications channel, rather than existing in-network chat applications, in case of a security incident.(Citation: TrustedSec OOB Communications)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1213.005", "comment": "Implement secure out-of-band communication channels to use as an alternative to in-network chat applications during a security incident. This ensures that critical communications remain secure even if primary messaging channels are compromised by adversaries.(Citation: TrustedSec OOB Communications)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1114", "comment": "Use secure out-of-band authentication methods to verify the authenticity of critical actions initiated via email, such as password resets, financial transactions, or access requests. For highly sensitive information, utilize out-of-band communication channels instead of relying solely on email to prevent adversaries from collecting data through compromised email accounts.(Citation: TrustedSec OOB Communications)", "score": 1, "showSubtechniques": true}, {"techniqueID": "T1114.001", "comment": "Implement secure out-of-band alerts to notify security teams of unusual local email activities, such as mass forwarding or large attachments being sent, indicating potential data exfiltration attempts.(Citation: TrustedSec OOB Communications)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1114.002", "comment": "Use secure out-of-band authentication methods to verify the authenticity of critical actions initiated via email, such as password resets, financial transactions, or access requests. \n\nFor highly sensitive information, utilize out-of-band communication channels instead of relying solely on email. This reduces the risk of sensitive data being collected through compromised email accounts.\n\nSet up out-of-band alerts to notify security teams of unusual email activities, such as mass forwarding or large attachments being sent, which could indicate email collection attempts.\n\nCreate plans for leveraging a secure out-of-band communications channel, rather than an existing in-network email server, in case of a security incident.(Citation: TrustedSec OOB Communications)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1114.003", "comment": "Use secure out-of-band authentication methods to verify the authenticity of critical actions initiated via email, such as password resets, financial transactions, or access requests. \n\nFor highly sensitive information, utilize out-of-band communication channels instead of relying solely on email. This reduces the risk of sensitive data being collected through compromised email accounts.\n\nSet up out-of-band alerts to notify security teams of unusual email activities, such as mass forwarding or large attachments being sent, which could indicate email collection attempts.\n\nCreate plans for leveraging a secure out-of-band communications channel, rather than an existing in-network email server, in case of a security incident.(Citation: TrustedSec OOB Communications)", "score": 1, "color": "#66b1ff", "showSubtechniques": true}, {"techniqueID": "T1489", "comment": "Develop and enforce security policies that include the use of out-of-band communication channels for critical communications during a security incident.(Citation: TrustedSec OOB Communications)", "score": 1, "color": "#66b1ff", "showSubtechniques": false}], "gradient": {"colors": ["#ffffff", "#66b1ff"], "minValue": 0, "maxValue": 1}, "legendItems": [{"label": "mitigated by Out-of-Band Communications Channel", "color": "#66b1ff"}]}