| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1212 | Exploitation for Credential Access |
Comments
This control may protect against exploitation for credential access by removing credentials and secrets from applications that can be exploited and requiring authenticated API calls to retrieve those credentials and secrets.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1528 | Steal Application Access Token |
Comments
This control may prevent theft of application access tokens by replacing those tokens with authenticated and encrypted API calls to AWS Secrets Manager. This control is relevant for credentials stored in applications or configuration files but not credentials entered directly by a user.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1552 | Unsecured Credentials |
Comments
This control is relevant for credentials stored in applications or configuration files but not credentials entered directly by a user.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1552.001 | Credentials In Files |
Comments
This control may prevent harvesting of unsecured credentials by removing credentials and secrets from applications and configuration files and requiring authenticated API calls to retrieve those credentials and secrets. This control is relevant for credentials stored in applications or configuration files but not credentials entered directly by a user.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1552.002 | Credentials in Registry |
Comments
This control may prevent harvesting of unsecured credentials by removing credentials and secrets from applications and configuration files and requiring authenticated API calls to retrieve those credentials and secrets. This control is relevant for credentials stored in applications or configuration files but not credentials entered directly by a user.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1552.004 | Private Keys |
Comments
This control may prevent harvesting of unsecured credentials by removing credentials and secrets from applications and configuration files and requiring authenticated API calls to retrieve those credentials and secrets. This control is relevant for credentials stored in applications or configuration files but not credentials entered directly by a user.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1555 | Credentials from Password Stores |
Comments
This control may prevent harvesting of credentials from password stores by providing a secure, finely controlled location for secrets storage. This control is only relevant for credentials that would be used from application and configuration files and not those entered directly by an end user.
References
|
| aws_secrets_manager | AWS Secrets Manager | protect | partial | T1555.006 | Cloud Secrets Management Stores |
Comments
This control may prevent harvesting of credentials from password stores by providing a secure, finely controlled location for secrets storage. This control is only relevant for credentials that would be used from application and configuration files and not those entered directly by an end user.
References
|
| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| aws_secrets_manager | AWS Secrets Manager | 8 |