AWS AWS Config Capability Group

All Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name
aws_config AWS Config protect minimal T1020 Automated Exfiltration
aws_config AWS Config protect partial T1020.001 Traffic Duplication
aws_config AWS Config protect partial T1040 Network Sniffing
aws_config AWS Config protect minimal T1053 Scheduled Task/Job
aws_config AWS Config protect partial T1053.007 Container Orchestration Job
aws_config AWS Config protect partial T1068 Exploitation for Privilege Escalation
aws_config AWS Config protect minimal T1078 Valid Accounts
aws_config AWS Config protect significant T1078.004 Cloud Accounts
aws_config AWS Config protect minimal T1098 Account Manipulation
aws_config AWS Config protect partial T1098.001 Additional Cloud Credentials
aws_config AWS Config protect partial T1098.005 Device Registration
aws_config AWS Config protect significant T1110 Brute Force
aws_config AWS Config protect significant T1110.001 Password Guessing
aws_config AWS Config protect significant T1110.002 Password Cracking
aws_config AWS Config protect significant T1110.003 Password Spraying
aws_config AWS Config protect significant T1110.004 Credential Stuffing
aws_config AWS Config protect minimal T1119 Automated Collection
aws_config AWS Config protect minimal T1136 Create Account
aws_config AWS Config protect partial T1136.003 Cloud Account
aws_config AWS Config protect partial T1190 Exploit Public-Facing Application
aws_config AWS Config protect partial T1203 Exploitation for Client Execution
aws_config AWS Config detect minimal T1204 User Execution
aws_config AWS Config detect significant T1204.003 Malicious Image
aws_config AWS Config protect partial T1210 Exploitation of Remote Services
aws_config AWS Config protect partial T1211 Exploitation for Defense Evasion
aws_config AWS Config protect partial T1212 Exploitation for Credential Access
aws_config AWS Config protect partial T1485 Data Destruction
aws_config AWS Config protect partial T1486 Data Encrypted for Impact
aws_config AWS Config protect significant T1491 Defacement
aws_config AWS Config protect significant T1491.001 Internal Defacement
aws_config AWS Config protect significant T1491.002 External Defacement
aws_config AWS Config detect partial T1496 Resource Hijacking
aws_config AWS Config protect minimal T1498 Network Denial of Service
aws_config AWS Config protect minimal T1498.001 Direct Network Flood
aws_config AWS Config protect minimal T1498.002 Reflection Amplification
aws_config AWS Config protect minimal T1499 Endpoint Denial of Service
aws_config AWS Config protect minimal T1499.001 OS Exhaustion Flood
aws_config AWS Config protect minimal T1499.002 Service Exhaustion Flood
aws_config AWS Config protect minimal T1499.003 Application Exhaustion Flood
aws_config AWS Config protect minimal T1499.004 Application or System Exploitation
aws_config AWS Config detect minimal T1525 Implant Internal Image
aws_config AWS Config protect significant T1530 Data from Cloud Storage Object
aws_config AWS Config protect significant T1538 Cloud Service Dashboard
aws_config AWS Config protect partial T1552 Unsecured Credentials
aws_config AWS Config protect partial T1552.001 Credentials In Files
aws_config AWS Config protect partial T1552.005 Cloud Instance Metadata API
aws_config AWS Config protect partial T1552.007 Container API
aws_config AWS Config protect minimal T1557 Man-in-the-Middle
aws_config AWS Config detect minimal T1562 Impair Defenses
aws_config AWS Config detect partial T1562.001 Disable or Modify Tools
aws_config AWS Config detect significant T1562.007 Disable or Modify Cloud Firewall
aws_config AWS Config detect significant T1562.008 Disable Cloud Logs
aws_config AWS Config detect partial T1578.005 Modify Cloud Compute Configurations
aws_config AWS Config protect partial T1609 Container Administration Command
aws_config AWS Config protect partial T1610 Deploy Container
aws_config AWS Config protect partial T1611 Escape to Host
aws_config AWS Config protect partial T1613 Container and Resource Discovery
aws_config AWS Config protect significant T1651 Cloud Administration Command

Capabilities

Capability ID Capability Name Number of Mappings
aws_config AWS Config 58