Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|---|
secret_manager | Secret Manager | protect | partial | T1528 | Steal Application Access Token | This control can provide protection against attackers stealing application access tokens if they are stored within Secret Manager. Secret Manager significantly raises the bar for access to stored tokens by requiring legitimate credentials with proper authorization. Applications may have to be modified to take advantage of Secret Manager, and it may not always be possible to use it. |
secret_manager | Secret Manager | protect | partial | T1555 | Credentials from Password Stores | This control may provide a more secure location for storing passwords. If a cloud user account, endpoint, or application is compromised, the attacker may have limited access to passwords stored in Secret Manager. |
secret_manager | Secret Manager | protect | partial | T1552 | Unsecured Credentials | This control provides a central, secure location for storage of credentials to reduce the possibility of attackers discovering unsecured credentials. |
secret_manager | Secret Manager | protect | minimal | T1040 | Network Sniffing | This control provides secure methods for accessing secrets and passwords. This can reduce the incidence of credentials and other authentication material being transmitted in clear-text or by insecure encryption methods. Any communication between applications or endpoints after access to Secret Manager may not be secure. |

Capability ID | Capability Name | Number of Mappings |
---|---|---|
secret_manager | Secret Manager | 4 |