1. Home
  2. ATT&CK Techniques
  3. T1087 Account Discovery

T1087 Account Discovery Mappings

Adversaries may attempt to get a listing of accounts on a system or within an environment. This information can help adversaries determine which accounts exist to aid in follow-on behavior.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
CM-6 Configuration Settings Protects T1087 Account Discovery
CM-7 Least Functionality Protects T1087 Account Discovery
SI-4 System Monitoring Protects T1087 Account Discovery
alerts_for_windows_machines Alerts for Windows Machines technique_scores T1087 Account Discovery
azure_defender_for_resource_manager Azure Defender for Resource Manager technique_scores T1087 Account Discovery
azure_sentinel Azure Sentinel technique_scores T1087 Account Discovery
microsoft_defender_for_identity Microsoft Defender for Identity technique_scores T1087 Account Discovery
role_based_access_control Role Based Access Control technique_scores T1087 Account Discovery
azure_defender_for_app_service Azure Defender for App Service technique_scores T1087 Account Discovery

ATT&CK Subtechniques

Technique ID Technique Name Number of Mappings
T1087.004 Cloud Account 8
T1087.002 Domain Account 6
T1087.003 Email Account 1
T1087.001 Local Account 6