aws_config |
AWS Config |
protect |
minimal |
T1020 |
Automated Exfiltration |
aws_config |
AWS Config |
protect |
partial |
T1020.001 |
Traffic Duplication |
aws_config |
AWS Config |
protect |
partial |
T1040 |
Network Sniffing |
aws_config |
AWS Config |
protect |
minimal |
T1053 |
Scheduled Task/Job |
aws_config |
AWS Config |
protect |
partial |
T1053.007 |
Container Orchestration Job |
aws_config |
AWS Config |
protect |
partial |
T1068 |
Exploitation for Privilege Escalation |
aws_config |
AWS Config |
protect |
minimal |
T1078 |
Valid Accounts |
aws_config |
AWS Config |
protect |
significant |
T1078.004 |
Cloud Accounts |
aws_config |
AWS Config |
protect |
minimal |
T1098 |
Account Manipulation |
aws_config |
AWS Config |
protect |
partial |
T1098.001 |
Additional Cloud Credentials |
aws_config |
AWS Config |
protect |
partial |
T1098.005 |
Device Registration |
aws_config |
AWS Config |
protect |
significant |
T1110 |
Brute Force |
aws_config |
AWS Config |
protect |
significant |
T1110.001 |
Password Guessing |
aws_config |
AWS Config |
protect |
significant |
T1110.002 |
Password Cracking |
aws_config |
AWS Config |
protect |
significant |
T1110.003 |
Password Spraying |
aws_config |
AWS Config |
protect |
significant |
T1110.004 |
Credential Stuffing |
aws_config |
AWS Config |
protect |
minimal |
T1119 |
Automated Collection |
aws_config |
AWS Config |
protect |
minimal |
T1136 |
Create Account |
aws_config |
AWS Config |
protect |
partial |
T1136.003 |
Cloud Account |
aws_config |
AWS Config |
protect |
partial |
T1190 |
Exploit Public-Facing Application |
aws_config |
AWS Config |
protect |
partial |
T1203 |
Exploitation for Client Execution |
aws_config |
AWS Config |
detect |
minimal |
T1204 |
User Execution |
aws_config |
AWS Config |
detect |
significant |
T1204.003 |
Malicious Image |
aws_config |
AWS Config |
protect |
partial |
T1210 |
Exploitation of Remote Services |
aws_config |
AWS Config |
protect |
partial |
T1211 |
Exploitation for Defense Evasion |
aws_config |
AWS Config |
protect |
partial |
T1212 |
Exploitation for Credential Access |
aws_config |
AWS Config |
protect |
partial |
T1485 |
Data Destruction |
aws_config |
AWS Config |
protect |
partial |
T1486 |
Data Encrypted for Impact |
aws_config |
AWS Config |
protect |
significant |
T1491 |
Defacement |
aws_config |
AWS Config |
protect |
significant |
T1491.001 |
Internal Defacement |
aws_config |
AWS Config |
protect |
significant |
T1491.002 |
External Defacement |
aws_config |
AWS Config |
detect |
partial |
T1496 |
Resource Hijacking |
aws_config |
AWS Config |
protect |
minimal |
T1498 |
Network Denial of Service |
aws_config |
AWS Config |
protect |
minimal |
T1498.001 |
Direct Network Flood |
aws_config |
AWS Config |
protect |
minimal |
T1498.002 |
Reflection Amplification |
aws_config |
AWS Config |
protect |
minimal |
T1499 |
Endpoint Denial of Service |
aws_config |
AWS Config |
protect |
minimal |
T1499.001 |
OS Exhaustion Flood |
aws_config |
AWS Config |
protect |
minimal |
T1499.002 |
Service Exhaustion Flood |
aws_config |
AWS Config |
protect |
minimal |
T1499.003 |
Application Exhaustion Flood |
aws_config |
AWS Config |
protect |
minimal |
T1499.004 |
Application or System Exploitation |
aws_config |
AWS Config |
detect |
minimal |
T1525 |
Implant Internal Image |
aws_config |
AWS Config |
protect |
significant |
T1530 |
Data from Cloud Storage Object |
aws_config |
AWS Config |
protect |
significant |
T1538 |
Cloud Service Dashboard |
aws_config |
AWS Config |
protect |
partial |
T1552 |
Unsecured Credentials |
aws_config |
AWS Config |
protect |
partial |
T1552.001 |
Credentials In Files |
aws_config |
AWS Config |
protect |
partial |
T1552.005 |
Cloud Instance Metadata API |
aws_config |
AWS Config |
protect |
partial |
T1552.007 |
Container API |
aws_config |
AWS Config |
protect |
minimal |
T1557 |
Man-in-the-Middle |
aws_config |
AWS Config |
detect |
minimal |
T1562 |
Impair Defenses |
aws_config |
AWS Config |
detect |
partial |
T1562.001 |
Disable or Modify Tools |
aws_config |
AWS Config |
detect |
significant |
T1562.007 |
Disable or Modify Cloud Firewall |
aws_config |
AWS Config |
detect |
significant |
T1562.008 |
Disable Cloud Logs |
aws_config |
AWS Config |
detect |
partial |
T1578.005 |
Modify Cloud Compute Configurations |
aws_config |
AWS Config |
protect |
partial |
T1609 |
Container Administration Command |
aws_config |
AWS Config |
protect |
partial |
T1610 |
Deploy Container |
aws_config |
AWS Config |
protect |
partial |
T1611 |
Escape to Host |
aws_config |
AWS Config |
protect |
partial |
T1613 |
Container and Resource Discovery |
aws_config |
AWS Config |
protect |
significant |
T1651 |
Cloud Administration Command |