| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1606.001 | Web Cookies |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1543.003 | Windows Service |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1543.004 | Launch Daemon |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1543.002 | Systemd Service |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.004 | SSH Authorized Keys |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.005 | Device Registration |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.006 | Additional Container Cluster Roles |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.007 | Additional Local or Domain Groups |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1078 | Valid Accounts |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1047 | Windows Management Instrumentation |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1078.004 | Cloud Accounts |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1078.003 | Local Accounts |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1078.002 | Domain Accounts |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1078.001 | Default Accounts |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1072 | Software Deployment Tools |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1053.007 | Container Orchestration Job |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1053.006 | Systemd Timers |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1053.005 | Scheduled Task |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1053.002 | At |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1053 | Scheduled Task/Job |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1556.007 | Hybrid Identity |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1556.005 | Reversible Encryption |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1556.004 | Network Device Authentication |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1556.006 | Multi-Factor Authentication |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1556.001 | Domain Controller Authentication |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1556 | Modify Authentication Process |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1606.002 | SAML Tokens |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1606 | Forge Web Credentials |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1210 | Exploitation of Remote Services |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1190 | Exploit Public-Facing Application |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1543.005 | Container Service |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1543 | Create or Modify System Process |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1651 | Cloud Administration Command |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.003 | Additional Cloud Roles |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.002 | Additional Email Delegate Permissions |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098.001 | Additional Cloud Credentials |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1098 | Account Manipulation |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1548.006 | TCC Manipulation |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1548.003 | Sudo and Sudo Caching |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1548.002 | Bypass User Account Control |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|
| DE.CM-03.03 | Privileged account monitoring | Mitigates | T1548 | Abuse Elevation Control Mechanism |
Comments
This diagnostic statement implements mechanisms and tools to mitigate potential misuse of privileged users and accounts. Continuous monitoring of role and attribute assignments and activity is essential to prevent and detect unauthorized access or misuse.
|