1. Home
  2. Mapping Frameworks
  3. AWS Home
  4. Amazon Cognito

AWS amazon_cognito Mappings

Amazon Cognito is a service that provides user management for web and mobile apps. The service establishes authentication and authorization for its registered users.

Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name Notes
amazon_cognito Amazon Cognito protect minimal T1078 Valid Accounts
Comments
This control provides partial protection for one of this technique's sub-techniques and a few of its procedure examples resulting in an overall Minimal protection score.
References
  1. https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html
  2. https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-compromised-credentials.html
  3. https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html
amazon_cognito Amazon Cognito protect partial T1078.004 Cloud Accounts
Comments
Amazon Cognito has the ability to alert and block accounts where credentials were found to be compromised elsewhere (compromised credential protection). The service also detects unusual sign-in activity, such as sign-in attempts from new locations and devices and can either prompt users for additional verification or block the sign-in request. There was insufficient detail on the operation of these capabilities and therefore a conservative assessment of a Partial score has been assigned.
References
    amazon_cognito Amazon Cognito protect significant T1110 Brute Force
    Comments
    Amazon Cognito's MFA capability provides significant protection against password compromises, requiring the adversary to complete an additional authentication method before their access is permitted.
    References
    1. https://docs.aws.amazon.com/cognito/latest/developerguide/what-is-amazon-cognito.html
    2. https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-compromised-credentials.html
    3. https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-adaptive-authentication.html
    amazon_cognito Amazon Cognito protect significant T1110.001 Password Guessing
    Comments
    MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
    References
      amazon_cognito Amazon Cognito protect significant T1110.002 Password Cracking
      Comments
      MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
      References
        amazon_cognito Amazon Cognito protect significant T1110.003 Password Spraying
        Comments
        MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
        References
          amazon_cognito Amazon Cognito protect significant T1110.004 Credential Stuffing
          Comments
          MFA can significantly reduce the impact of a password compromise, requiring the adversary to complete an additional authentication method before their access is permitted.
          References