cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1078 |
Valid Accounts |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1078.004 |
Cloud Accounts |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1078.002 |
Domain Accounts |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1078.001 |
Default Accounts |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1567 |
Exfiltration Over Web Service |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1567 |
Exfiltration Over Web Service |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1567.002 |
Exfiltration to Cloud Storage |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1567.002 |
Exfiltration to Cloud Storage |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1567.001 |
Exfiltration to Code Repository |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1567.001 |
Exfiltration to Code Repository |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1189 |
Drive-by Compromise |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1535 |
Unused/Unsupported Cloud Regions |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
significant |
T1187 |
Forced Authentication |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
significant |
T1187 |
Forced Authentication |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1530 |
Data from Cloud Storage Object |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1528 |
Steal Application Access Token |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1528 |
Steal Application Access Token |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1526 |
Cloud Service Discovery |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
minimal |
T1213 |
Data from Information Repositories |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1213 |
Data from Information Repositories |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1213.002 |
Sharepoint |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1213.002 |
Sharepoint |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1213.001 |
Confluence |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1213.001 |
Confluence |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1119 |
Automated Collection |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1119 |
Automated Collection |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1565 |
Data Manipulation |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1565.001 |
Stored Data Manipulation |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
partial |
T1133 |
External Remote Services |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1133 |
External Remote Services |
cloud_app_security_policies |
Cloud App Security Policies |
protect |
significant |
T1219 |
Remote Access Software |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1219 |
Remote Access Software |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1484 |
Domain Policy Modification |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1484.002 |
Domain Trust Modification |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1484.001 |
Group Policy Modification |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1098 |
Account Manipulation |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1098.003 |
Add Office 365 Global Administrator Role |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1098.001 |
Additional Cloud Credentials |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1098.002 |
Exchange Email Delegate Permissions |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1578 |
Modify Cloud Compute Infrastructure |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1578.004 |
Revert Cloud Instance |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1578.003 |
Delete Cloud Instance |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1578.001 |
Create Snapshot |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1578.002 |
Create Cloud Instance |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1531 |
Account Access Removal |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1496 |
Resource Hijacking |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1485 |
Data Destruction |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1486 |
Data Encrypted for Impact |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1071 |
Application Layer Protocol |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1071.003 |
Mail Protocols |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1110 |
Brute Force |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1110.004 |
Credential Stuffing |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1110.003 |
Password Spraying |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
partial |
T1110.001 |
Password Guessing |
cloud_app_security_policies |
Cloud App Security Policies |
detect |
minimal |
T1534 |
Internal Spearphishing |