Skip to content

DET0627 Detection of Endpoint Denial of Service

Item Value
ID DET0627
Version 1.0
Created 21 October 2025
Last Modified 21 October 2025

Technique Detected: T1642 (Endpoint Denial of Service)

Analytics

Android

AN1695

On Android, the user can review which applications have Device Administrator access in the device settings and revoke permission where appropriate. Application vetting services can detect and closely scrutinize applications that utilize Device Administrator access.

Log Sources
Data Component Name Channel
System Settings (DC0118) User Interface None
Permissions Requests (DC0114) Application Vetting None
Mutable Elements
Field Description

iOS

AN1696

On Android, the user can review which applications have Device Administrator access in the device settings and revoke permission where appropriate. Application vetting services can detect and closely scrutinize applications that utilize Device Administrator access.

Log Sources
Data Component Name Channel
System Settings (DC0118) User Interface None
Permissions Requests (DC0114) Application Vetting None
Mutable Elements
Field Description