| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| cloud_key_management | Cloud Key Management | protect | minimal | T1552 | Unsecured Credentials |
|
| cloud_key_management | Cloud Key Management | protect | significant | T1552.005 | Cloud Instance Metadata API |
Comments
This control's protection is specific to a minority of this technique's sub-techniques and procedure examples resulting in a Minimal Coverage score and consequently an overall score of Minimal.
References
|
| cloud_key_management | Cloud Key Management | protect | partial | T1588 | Obtain Capabilities |
Comments
This control manages symmetric and asymmetric cryptographic keys for cloud services and protects against stealing credentials, certificates, keys from the organization.
References
|
| cloud_key_management | Cloud Key Management | protect | significant | T1553 | Subvert Trust Controls |
Comments
Protects against trust mechanisms and stealing of code signing certificates
References
|
| cloud_key_management | Cloud Key Management | protect | partial | T1555 | Credentials from Password Stores |
Comments
This control manages symmetric and asymmetric cryptographic keys for cloud services and protects against stealing credentials, certificates, keys from the organization.
References
|
| cloud_key_management | Cloud Key Management | protect | partial | T1528 | Steal Application Access Token |
Comments
Provides protection against attackers stealing application access tokens if they are stored within Cloud KMS.
References
|
| cloud_key_management | Cloud Key Management | protect | partial | T1588.003 | Code Signing Certificates |
Comments
This control manages symmetric and asymmetric cryptographic keys for cloud services and protects against stealing credentials, certificates, keys from the organization.
References
|
| cloud_key_management | Cloud Key Management | protect | partial | T1588.004 | Digital Certificates |
Comments
This control manages symmetric and asymmetric cryptographic keys for cloud services and protects against stealing credentials, certificates, keys from the organization.
References
|
| cloud_key_management | Cloud Key Management | protect | minimal | T1552.001 | Credentials In Files |
Comments
This control's protection is specific to a minority of this technique's sub-techniques and procedure examples resulting in a Minimal Coverage score and consequently an overall score of Minimal.
References
|
| cloud_key_management | Cloud Key Management | protect | minimal | T1552.004 | Private Keys |
Comments
This control's protection is specific to a minority of this technique's sub-techniques and procedure examples resulting in a Minimal Coverage score and consequently an overall score of Minimal.
References
|
| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| cloud_key_management | Cloud Key Management | 10 |