Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
PR.AA-02.01 | Authentication of identity | Mitigates | T1021.007 | Cloud Services | This diagnostic statement provides protection from Remote Services through the implementation of authentication and identity management controls to limit lateral movement. Employing control limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to move laterally in the cloud environment. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1021.004 | SSH | This diagnostic statement provides protection from Remote Services through the implementation of authentication and identity management controls to limit lateral movement. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to move laterally. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1021.001 | Remote Desktop Protocol | This diagnostic statement provides protection from Remote Services through the implementation of authentication and identity management controls to limit lateral movement. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to move laterally. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1021 | Remote Services | This diagnostic statement provides protection from Remote Services through the implementation of authentication and identity management controls to limit lateral movement. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to move laterally. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1556.001 | Domain Controller Authentication | This diagnostic statement provides protection from Modify Authentication Process through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify credentials. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1556 | Modify Authentication Process | This diagnostic statement provides protection from Modify Authentication Process through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify credentials. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1110.004 | Credential Stuffing | This diagnostic statement provides protection from Brute Force through the implementation of authentication controls and privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to brute force credentials. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1110.003 | Password Spraying | This diagnostic statement provides protection from Brute Force through the implementation of authentication controls and privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to brute force credentials. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1110.001 | Password Guessing | This diagnostic statement provides protection from Brute Force through the implementation of authentication controls and privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to brute force credentials. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1110 | Brute Force | This diagnostic statement provides protection from Brute Force through the implementation of authentication controls and privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to brute force credentials. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1136.003 | Cloud Account | This diagnostic statement provides protection from Create Account through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to create accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1136.002 | Domain Account | This diagnostic statement provides protection from Create Account through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to create accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1136.001 | Local Account | This diagnostic statement provides protection from Create Account through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to create accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1098.006 | Additional Container Cluster Roles | This diagnostic statement provides protection from Account Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1098.005 | Device Registration | This diagnostic statement provides protection from Account Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1098.003 | Additional Cloud Roles | This diagnostic statement provides protection from Account Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1098.001 | Additional Cloud Credentials | This diagnostic statement provides protection from Account Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1586.003 | Cloud Accounts | This diagnostic statement provides protection from Compromise Accounts through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1087.001 | Local Account | This diagnostic statement provides protection from Create Account through the implementation of privileged account management controls to limit account access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to create accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1087.002 | Domain Account | This diagnostic statement provides protection from Create Account through the implementation of privileged account management controls to limit account access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to create accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1078.001 | Default Accounts | This diagnostic statement provides protection from Valid Accounts through the implementation of privileged account management controls to limit account access. Employing limitations to specific accounts, provisioning accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to use default accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1136 | Create Account | This diagnostic statement provides protection from Create Account through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to create accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1098 | Account Manipulation | This diagnostic statement provides protection from Account Manipulation through the implementation of privileged account management controls to limit credential access. Employing limitations to specific accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to modify accounts. |
PR.AA-02.01 | Authentication of identity | Mitigates | T1078 | Valid Accounts | This diagnostic statement provides protection from Valid Accounts through the implementation of privileged account management controls to limit account access. Employing limitations to specific accounts, provisioning accounts, access control mechanisms, and auditing the attribution logs provides protection against adversaries attempting to use existing accounts. |