Enable remote attestation capabilities when available (such as Android SafetyNet or Samsung Knox TIMA Attestation) and prohibit devices that fail the attestation from accessing enterprise resources.

| Domain | ID | Name | Use |
|---|---|---|---|
| Mobile | T1605 | Command-Line Interface | Device attestation can often detect jailbroken or rooted devices. |
| Mobile | T1617 | Hooking | Device attestation can often detect rooted devices. |
| Mobile | T1398 | Modify OS Kernel or Boot Partition | |
| Mobile | T1576 | Uninstall Malicious Application | Attestation can detect rooted devices. |
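
As an added example (not part of the original page), the following server-side gate shows one way to deny enterprise access when a decoded SafetyNet attestation payload fails policy. It assumes the JWS signature and certificate chain were already verified upstream; the freshness window, package name and sample payloads are constructed for illustration.

```python
import base64
import hmac

MAX_AGE_MS = 5 * 60 * 1000  # assumed policy: verdicts older than 5 minutes are stale

def evaluate_attestation(payload, expected_nonce, expected_package, now_ms):
    """Return (allow, reasons) for a decoded SafetyNet attestation payload.

    Assumes the JWS signature and certificate chain were verified upstream;
    an unverified payload must never reach this function.
    """
    reasons = []
    # The nonce binds the verdict to this server-issued challenge (anti-replay).
    try:
        nonce = base64.b64decode(payload.get("nonce", ""), validate=True)
    except (ValueError, TypeError):
        nonce = b""
    if not hmac.compare_digest(nonce, expected_nonce):
        reasons.append("nonce mismatch")
    # Reject verdicts outside the freshness window.
    ts = payload.get("timestampMs")
    if not isinstance(ts, int) or abs(now_ms - ts) > MAX_AGE_MS:
        reasons.append("stale or missing timestamp")
    # The verdict must describe the enterprise app, not some other package.
    if payload.get("apkPackageName") != expected_package:
        reasons.append("unexpected package")
    # Fail closed: a missing verdict field is treated as a failed check.
    if payload.get("basicIntegrity") is not True:
        reasons.append("basicIntegrity failed")
    if payload.get("ctsProfileMatch") is not True:
        reasons.append("ctsProfileMatch failed")
    return (not reasons, reasons)

# Constructed sample data (not real attestation output).
NOW_MS = 1_700_000_000_000
NONCE = b"constructed-nonce-0001"
PKG = "com.example.enterprise"  # hypothetical package name
GOOD = {
    "nonce": base64.b64encode(NONCE).decode(),
    "timestampMs": NOW_MS - 2000,
    "apkPackageName": PKG,
    "basicIntegrity": True,
    "ctsProfileMatch": True,
}
ROOTED = dict(GOOD, basicIntegrity=False, ctsProfileMatch=False)
REPLAYED = dict(GOOD, nonce=base64.b64encode(b"old-challenge").decode())

if __name__ == "__main__":
    for name, p in (("good", GOOD), ("rooted", ROOTED), ("replayed", REPLAYED)):
        print(name, evaluate_attestation(p, NONCE, PKG, NOW_MS))
```
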