Adversaries may attempt to get a listing of accounts on a system or within an environment. This information can help adversaries determine which accounts exist to aid in follow-on behavior.
View in MITRE ATT&CK®| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|
| resourcemanager | ResourceManager | technique_scores | T1087 | Account Discovery |
| identityplatform | IdentityPlatform | technique_scores | T1087 | Account Discovery |
| chronicle | Chronicle | technique_scores | T1087 | Account Discovery |
| policy_intelligence | Policy Intelligence | technique_scores | T1087 | Account Discovery |
| identity_and_access_management | Identity and Access Management | technique_scores | T1087 | Account Discovery |
| Technique ID | Technique Name | Number of Mappings |
|---|---|---|
| T1087.004 | Cloud Account | 6 |
| T1087.002 | Domain Account | 1 |