| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| cloud_identity | Cloud Identity | protect | significant | T1110 | Brute Force |
Comments
This control may mitigate brute force attacks by enforcing multi-factor authentication, enforcing strong password policies, and rotating credentials periodically. These recommendations are IAM best practices but must be explicitly implemented by a cloud administrator.
References
|
| cloud_identity | Cloud Identity | protect | significant | T1110.003 | Password Spraying |
Comments
This control may mitigate brute force attacks by enforcing multi-factor authentication, enforcing strong password policies, and rotating credentials periodically. These recommendations are IAM best practices but must be explicitly implemented by a cloud administrator.
References
|
| cloud_identity | Cloud Identity | protect | partial | T1078 | Valid Accounts |
Comments
This control can be used to mitigate malicious attacks of cloud accounts by implementing multi-factor authentication techniques or password policies.
References
|
| cloud_identity | Cloud Identity | protect | partial | T1078.004 | Cloud Accounts |
Comments
This control can be used to mitigate malicious attacks of cloud accounts by implementing multi-factor authentication techniques or password policies.
References
|
| cloud_identity | Cloud Identity | protect | significant | T1110.001 | Password Guessing |
Comments
This control may mitigate brute force attacks by enforcing multi-factor authentication, enforcing strong password policies, and rotating credentials periodically. These recommendations are IAM best practices but must be explicitly implemented by a cloud administrator.
References
|
| cloud_identity | Cloud Identity | protect | significant | T1110.002 | Password Cracking |
Comments
This control may mitigate brute force attacks by enforcing multi-factor authentication, enforcing strong password policies, and rotating credentials periodically. These recommendations are IAM best practices but must be explicitly implemented by a cloud administrator.
References
|
| cloud_identity | Cloud Identity | protect | significant | T1110.004 | Credential Stuffing |
Comments
This control may mitigate brute force attacks by enforcing multi-factor authentication, enforcing strong password policies, and rotating credentials periodically. These recommendations are IAM best practices but must be explicitly implemented by a cloud administrator.
References
|
| cloud_identity | Cloud Identity | protect | partial | T1078.002 | Domain Accounts |
Comments
This control can be used to mitigate malicious attacks of domain accounts by implementing multi-factor authentication techniques or password policies.
References
|
| cloud_identity | Cloud Identity | detect | minimal | T1021.004 | SSH |
Comments
This control can be used to detect adversaries that may try to use Valid Accounts to log into remote machines using Secure Shell (SSH).
References
|
| cloud_identity | Cloud Identity | protect | partial | T1213.003 | Code Repositories |
Comments
MFA and enforcing the principal of least privilege can be used to control adversaries and possibly hinder them from gaining access to a victim network or a private code repository.
References
|
| cloud_identity | Cloud Identity | protect | partial | T1213 | Data from Information Repositories |
Comments
MFA and enforcing the principal of least privilege can be used to control adversaries and possibly hinder them from gaining access to a victim network or a private code repository.
References
|
| cloud_identity | Cloud Identity | protect | minimal | T1133 | External Remote Services |
|
| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| cloud_identity | Cloud Identity | 12 |