Define, implement and evaluate processes, procedures and technical measures that ensure users are identifiable through unique IDs or which can associate individuals to the usage of user IDs.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1564.002 | Hidden Users |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1036.010 | Masquerade Account Name |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1036 | Masquerading |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1556.007 | Hybrid Identity |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1585.003 | Cloud Accounts |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1087.004 | Cloud Account |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1586.003 | Cloud Accounts |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1078.004 | Cloud Accounts |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1098.003 | Additional Cloud Roles |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1098.001 | Additional Cloud Credentials |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|
| IAM-13 | Uniquely Identifiable Users | mitigates | T1098 | Account Manipulation |
Comments
This control requires both CSP and CSC to independently assign unique, cryptographically secure identifiers to users, ensure traceability and accountability for all access, including shared accounts, implement strong access controls, encryption for user identity data.
These techniques focus on mitigating attacker techniques against user services or machine accounts within cloud environments or identity management system.
|