Home
ATT&CK Techniques
T1213.002 Sharepoint

T1213.002 Sharepoint Mappings

Adversaries may leverage the SharePoint repository as a source to mine valuable information. SharePoint will often contain useful information for an adversary to learn about the structure and functionality of the internal network and systems. For example, the following is a list of example information that may hold potential value to an adversary and may also be found on SharePoint:

Policies, procedures, and standards
Physical / logical network diagrams
System architecture diagrams
Technical system documentation
Testing / development credentials (i.e., Unsecured Credentials)
Work / project schedules
Source code snippets
Links to network shares and other internal resources

View in MITRE ATT&CK®

NIST 800-53 Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name
CA-07	Continuous Monitoring	mitigates	T1213.002	Sharepoint
CM-06	Configuration Settings	mitigates	T1213.002	Sharepoint
CM-05	Access Restrictions for Change	mitigates	T1213.002	Sharepoint
AC-17	Remote Access	mitigates	T1213.002	Sharepoint
IA-08	Identification and Authentication (Non-Organizational Users)	mitigates	T1213.002	Sharepoint
AC-21	Information Sharing	mitigates	T1213.002	Sharepoint
AC-23	Data Mining Protection	mitigates	T1213.002	Sharepoint
IA-04	Identifier Management	mitigates	T1213.002	Sharepoint
SC-28	Protection of Information at Rest	mitigates	T1213.002	Sharepoint
RA-05	Vulnerability Monitoring and Scanning	mitigates	T1213.002	Sharepoint
CM-08	System Component Inventory	mitigates	T1213.002	Sharepoint
SI-07	Software, Firmware, and Information Integrity	mitigates	T1213.002	Sharepoint
AC-16	Security and Privacy Attributes	mitigates	T1213.002	Sharepoint
CM-02	Baseline Configuration	mitigates	T1213.002	Sharepoint
CM-02	Baseline Configuration	mitigates	T1213.002	Sharepoint
IA-02	Identification and Authentication (Organizational Users)	mitigates	T1213.002	Sharepoint
CM-07	Least Functionality	mitigates	T1213.002	Sharepoint
SI-04	System Monitoring	mitigates	T1213.002	Sharepoint
AC-02	Account Management	mitigates	T1213.002	Sharepoint
AC-03	Access Enforcement	mitigates	T1213.002	Sharepoint
AC-04	Information Flow Enforcement	mitigates	T1213.002	Sharepoint
AC-05	Separation of Duties	mitigates	T1213.002	Sharepoint
AC-06	Least Privilege	mitigates	T1213.002	Sharepoint
CM-03	Configuration Change Control	mitigates	T1213.002	Sharepoint

VERIS Mappings

Capability ID	Capability Description	Mapping Type	ATT&CK ID	ATT&CK Name	Notes
action.malware.variety.Capture stored data	Capture data stored on system disk	related-to	T1213.002	Sharepoint
attribute.confidentiality.data_disclosure	None	related-to	T1213.002	Sharepoint