GCP Security Command Center Capability Group

All Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name |
|---|---|---|---|---|---|
| security_command_center | Security Command Center | detect | significant | T1204.003 | Malicious Image |
| security_command_center | Security Command Center | detect | significant | T1525 | Implant Internal Image |
| security_command_center | Security Command Center | detect | significant | T1133 | External Remote Services |
| security_command_center | Security Command Center | detect | significant | T1505.003 | Web Shell |
| security_command_center | Security Command Center | detect | significant | T1105 | Ingress Tool Transfer |
| security_command_center | Security Command Center | detect | significant | T1059.004 | Unix Shell |
| security_command_center | Security Command Center | detect | significant | T1071.004 | DNS |
| security_command_center | Security Command Center | detect | significant | T1110 | Brute Force |
| security_command_center | Security Command Center | detect | significant | T1078.004 | Cloud Accounts |
| security_command_center | Security Command Center | detect | significant | T1562 | Impair Defenses |
| security_command_center | Security Command Center | detect | significant | T1567 | Exfiltration Over Web Service |
| security_command_center | Security Command Center | detect | significant | T1567.002 | Exfiltration to Cloud Storage |
| security_command_center | Security Command Center | detect | significant | T1505.001 | SQL Stored Procedures |
| security_command_center | Security Command Center | detect | significant | T1098.001 | Additional Cloud Credentials |
| security_command_center | Security Command Center | detect | significant | T1562.007 | Disable or Modify Cloud Firewall |
| security_command_center | Security Command Center | protect | significant | T1589.001 | Credentials |
| security_command_center | Security Command Center | detect | significant | T1496 | Resource Hijacking |
| security_command_center | Security Command Center | protect | significant | T1213.003 | Code Repositories |
| security_command_center | Security Command Center | protect | minimal | T1040 | Network Sniffing |
| security_command_center | Security Command Center | detect | significant | T1190 | Exploit Public-Facing Application |
| security_command_center | Security Command Center | detect | significant | T1078.001 | Default Accounts |
| security_command_center | Security Command Center | detect | significant | T1542 | Pre-OS Boot |
| security_command_center | Security Command Center | detect | significant | T1542.003 | Bootkit |
| security_command_center | Security Command Center | detect | significant | T1014 | Rootkit |
| security_command_center | Security Command Center | detect | significant | T1070 | Indicator Removal on Host |
| security_command_center | Security Command Center | detect | significant | T1484 | Domain Policy Modification |
| security_command_center | Security Command Center | detect | significant | T1136.003 | Cloud Account |
| security_command_center | Security Command Center | detect | significant | T1562.008 | Disable Cloud Logs |
| security_command_center | Security Command Center | detect | significant | T1578 | Modify Cloud Compute Infrastructure |
| security_command_center | Security Command Center | detect | partial | T1530 | Data from Cloud Storage Object |

Capabilities

| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| security_command_center | Security Command Center | 30 |