ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 9.0 Enterprise and AWS 09.21.2021.
Change versions here.
Home
Mapping Frameworks
AWS Home
AWS Identity and Access Management Capability Group
AWS
AWS Identity and Access Management
Capability Group
All Mappings
ATT&CK Version
9.0
ATT&CK Domain
Enterprise
AWS
09.21.2021
Change Versions
Capability ID
Capability Description
Category
Value
ATT&CK ID
ATT&CK Name
aws_identity_and_access_management
AWS Identity and Access Management
protect
partial
T1078
Valid Accounts
aws_identity_and_access_management
AWS Identity and Access Management
detect
partial
T1078
Valid Accounts
aws_identity_and_access_management
AWS Identity and Access Management
protect
partial
T1078.004
Cloud Accounts
aws_identity_and_access_management
AWS Identity and Access Management
detect
minimal
T1078.004
Cloud Accounts
aws_identity_and_access_management
AWS Identity and Access Management
detect
minimal
T1098
Account Manipulation
aws_identity_and_access_management
AWS Identity and Access Management
detect
minimal
T1098.001
Additional Cloud Credentials
aws_identity_and_access_management
AWS Identity and Access Management
protect
minimal
T1550
Use Alternate Authentication Material
aws_identity_and_access_management
AWS Identity and Access Management
protect
minimal
T1550.001
Application Access Token
aws_identity_and_access_management
AWS Identity and Access Management
protect
significant
T1110
Brute Force
aws_identity_and_access_management
AWS Identity and Access Management
protect
significant
T1110.004
Credential Stuffing
aws_identity_and_access_management
AWS Identity and Access Management
protect
significant
T1110.001
Password Guessing
aws_identity_and_access_management
AWS Identity and Access Management
protect
significant
T1110.003
Password Spraying
aws_identity_and_access_management
AWS Identity and Access Management
protect
minimal
T1528
Steal Application Access Token
Capabilities
ATT&CK Version
9.0
ATT&CK Domain
Enterprise
AWS
09.21.2021
Change Versions
Capability ID
Capability Name
Number of Mappings
aws_identity_and_access_management
AWS Identity and Access Management
13
