CLEARED FOR PUBLIC RELEASE · OPEN-SOURCE INTELLIGENCE
Pre-OS Boot (T1542) — a Defense Evasion technique, observed in public incident reporting.
MITRE ATT&CKT1542
TacticDefense Evasion
Incidents on file14
Detection & mitigation
Monitor bootloader integrity by comparing SPL hashes against known-good values at rest and during boot; enforce hardware-backed secure boot with BootROM verification of the full chain, not just the SPL hash.