GCP Cloud IDS – Mappings Explorer

All Mappings

Capability ID	Capability Description	Category	Value	ATT&CK ID	ATT&CK Name
cloud_ids	Cloud IDS	detect	significant	T1137	Office Application Startup
cloud_ids	Cloud IDS	detect	significant	T1546.006	LC_LOAD_DYLIB Addition
cloud_ids	Cloud IDS	detect	significant	T1204.002	Malicious File
cloud_ids	Cloud IDS	detect	significant	T1055.002	Portable Executable Injection
cloud_ids	Cloud IDS	detect	significant	T1221	Template Injection
cloud_ids	Cloud IDS	detect	significant	T1505.003	Web Shell
cloud_ids	Cloud IDS	detect	significant	T1204.003	Malicious Image
cloud_ids	Cloud IDS	detect	significant	T1048	Exfiltration Over Alternative Protocol
cloud_ids	Cloud IDS	detect	significant	T1041	Exfiltration Over C2 Channel
cloud_ids	Cloud IDS	detect	significant	T1567	Exfiltration Over Web Service
cloud_ids	Cloud IDS	detect	significant	T1567.002	Exfiltration to Cloud Storage
cloud_ids	Cloud IDS	detect	significant	T1020	Automated Exfiltration
cloud_ids	Cloud IDS	detect	significant	T1110	Brute Force
cloud_ids	Cloud IDS	detect	significant	T1499	Endpoint Denial of Service
cloud_ids	Cloud IDS	detect	significant	T1499.003	Application Exhaustion Flood
cloud_ids	Cloud IDS	detect	significant	T1190	Exploit Public-Facing Application
cloud_ids	Cloud IDS	detect	significant	T1566.002	Spearphishing Link
cloud_ids	Cloud IDS	detect	significant	T1137.006	Add-ins
cloud_ids	Cloud IDS	detect	significant	T1137.001	Office Template Macros

Capability ID	Capability Name	Number of Mappings
cloud_ids	Cloud IDS	19