GPTKB
Browse
Query
Compare
Download
Publications
Contributors
Search
Local Security Authority Subsystem Service
URI:
https://gptkb.org/entity/Local_Security_Authority_Subsystem_Service
GPTKB entity
Statements (30)
Predicate
Object
gptkbp:instanceOf
Process
gptkbp:abbreviation
gptkb:LSASS
gptkbp:category
gptkb:security
gptkbp:criticalFor
true
gptkbp:developedBy
gptkb:Microsoft
gptkbp:exploits
gptkb:Mimikatz
credential theft malware
gptkbp:firstAppearance
gptkb:Windows_NT
gptkbp:function
creates access tokens
enforces security policy on Windows systems
handles password changes
manages Active Directory authentication
verifies users logging on to a Windows computer
https://www.w3.org/2000/01/rdf-schema#label
Local Security Authority Subsystem Service
gptkbp:location
C:\\Windows\\System32\\lsass.exe
gptkbp:monitors
gptkb:Windows_Task_Manager
gptkbp:operatingSystem
gptkb:Microsoft_Windows
gptkbp:processName
lsass.exe
gptkbp:relatedTo
gptkb:Kerberos_authentication
gptkb:NTLM_authentication
Windows logon process
SAM database
gptkbp:runsOn
SYSTEM account
gptkbp:subject
Windows security updates
gptkbp:terminationEffect
system shutdown
gptkbp:vulnerableTo
credential dumping attacks
gptkbp:bfsParent
gptkb:Security_Account_Manager
gptkb:LSASS_memory
gptkb:LSASS
gptkbp:bfsLayer
7