Adversaries may attempt to get a listing of services running on remote hosts, including those that may be vulnerable to remote software exploitation. Methods to acquire this information include port scans and vulnerability scans using tools that are brought onto a system.
Within cloud environments, adversaries may attempt to discover services running on other cloud hosts. Additionally, if the cloud environment is connected to a on-premises environment, adversaries may be able to identify services running on non-cloud systems as well.
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| cloud_armor | Cloud Armor | technique_scores | T1046 | Network Service Scanning |
| firewalls | Firewalls | technique_scores | T1046 | Network Service Scanning |
| virtual_private_cloud | Virtual Private Cloud | technique_scores | T1046 | Network Service Scanning |