T1046 Network Service Scanning Mappings

Adversaries may attempt to get a listing of services running on remote hosts, including those that may be vulnerable to remote software exploitation. Methods to acquire this information include port scans and vulnerability scans using tools that are brought onto a system.

Within cloud environments, adversaries may attempt to discover services running on other cloud hosts. Additionally, if the cloud environment is connected to a on-premises environment, adversaries may be able to identify services running on non-cloud systems as well.

View in MITRE ATT&CK®

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
AC-4 Information Flow Enforcement Protects T1046 Network Service Scanning
CA-7 Continuous Monitoring Protects T1046 Network Service Scanning
CM-2 Baseline Configuration Protects T1046 Network Service Scanning
CM-6 Configuration Settings Protects T1046 Network Service Scanning
CM-7 Least Functionality Protects T1046 Network Service Scanning
CM-8 System Component Inventory Protects T1046 Network Service Scanning
RA-5 Vulnerability Monitoring and Scanning Protects T1046 Network Service Scanning
SC-46 Cross Domain Policy Enforcement Protects T1046 Network Service Scanning
SC-7 Boundary Protection Protects T1046 Network Service Scanning
SI-3 Malicious Code Protection Protects T1046 Network Service Scanning
SI-4 System Monitoring Protects T1046 Network Service Scanning
CVE-2012-6685 n/a uncategorized T1046 Network Service Scanning
CVE-2017-14323 n/a uncategorized T1046 Network Service Scanning
action.malware.variety.Scan network Scan or footprint network related-to T1046 Network Service Scanning
amazon_guardduty Amazon GuardDuty technique_scores T1046 Network Service Scanning
aws_iot_device_defender AWS IoT Device Defender technique_scores T1046 Network Service Scanning
amazon_inspector Amazon Inspector technique_scores T1046 Network Service Scanning
amazon_virtual_private_cloud Amazon Virtual Private Cloud technique_scores T1046 Network Service Scanning
aws_web_application_firewall AWS Web Application Firewall technique_scores T1046 Network Service Scanning
aws_network_firewall AWS Network Firewall technique_scores T1046 Network Service Scanning