← Back to Explore
T1553.006
Code Signing Policy Modification
Adversaries may modify code signing policies to enable execution of unsigned or self-signed code. Code signing provides a level of authenticity on a program from a developer and a guarantee that the program has not been tampered with. Security controls can include enforcement mechanisms to ensure that only valid, signed code can be run on an operating system. Some of these security controls may be enabled by default, such as Driver Signature Enforcement (DSE) on Windows or System Integrity Pro...
WindowsmacOS
2
Detections
1
Sources
2
Threat Actors
BY SOURCE
2elastic
PROCEDURES (2)
Authentication Monitoring1 detections
Auto-extracted: 1 detections for authentication monitoring
Registry Monitoring1 detections
Auto-extracted: 1 detections for registry monitoring