• xThreat Vector: Lateral Movement
IDNameImplementation GroupsThreats
2Inventory and Control of Software Assets   STRIDE-LM
2.10Physically or Logically Segregate High Risk Applications  STRIDE-LM
3Continuous Vulnerability Management   STRIDE-LM
3.3Protect Dedicated Assessment Accounts STRIDE-LM
4Controlled Use of Administrative Privileges   STRIDE-LM
4.4Use Unique Passwords STRIDE-LM
4.6Use Dedicated Workstations For All Administrative Tasks  STRIDE-LM
7Email and Web Browser Protections   STRIDE-LM
7.1Ensure Use of Only Fully Supported Browsers and Email ClientsSTRIDE-LM
7.2Disable Unnecessary or Unauthorized Browser or Email Client Plugins STRIDE-LM
7.3Limit Use of Scripting Languages in Web Browsers and Email Clients STRIDE-LM
7.10Sandbox All Email Attachments  STRIDE-LM
9Limitation and Control of Network Ports, Protocols, and Services   STRIDE-LM
9.2Ensure Only Approved Ports, Protocols, and Services Are Running STRIDE-LM
9.4Apply Host-Based Firewalls or Port-FilteringSTRIDE-LM
9.5Implement Application Firewalls  STRIDE-LM
12Boundary Defense   STRIDE-LM
12.2Scan for Unauthorized Connections Across Trusted Network Boundaries STRIDE-LM
12.6Deploy Network-Based IDS Sensors STRIDE-LM
12.7Deploy Network-Based Intrusion Prevention Systems  STRIDE-LM
15Wireless Access Control   STRIDE-LM
15.2Detect Wireless Access Points Connected to the Wired Network STRIDE-LM
15.3Use a Wireless Intrusion Detection System STRIDE-LM
15.4Disable Wireless Access on Devices if Not Required  STRIDE-LM
15.5Limit Wireless Access on Client Devices  STRIDE-LM
15.6Disable Peer-to-Peer Wireless Network Capabilities on Wireless Clients STRIDE-LM
15.8Use Wireless Authentication Protocols That Require Mutual, Multi-Factor Authentication  STRIDE-LM
15.9Disable Wireless Peripheral Access of Devices STRIDE-LM
15.10Create Separate Wireless Network for Personal and Untrusted DevicesSTRIDE-LM
18Application Software Security   STRIDE-LM
18.7Apply Static and Dynamic Code Analysis Tools STRIDE-LM
18.9Separate Production and Non-Production Systems STRIDE-LM
18.10Deploy Web Application Firewalls STRIDE-LM