| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| cloud_asset_inventory | Cloud Asset Inventory | detect | partial | T1098 | Account Manipulation |
Comments
This control may be able to detect when adversaries use cloud accounts to elevate privileges through manipulation of IAM or access policies. This monitoring can be fine tuned to specific assets, policies, and organizations.
References
|
| cloud_asset_inventory | Cloud Asset Inventory | detect | partial | T1098.001 | Additional Cloud Credentials |
Comments
This control may be able to detect when adversaries use cloud accounts to elevate privileges through manipulation of IAM or access policies for the creation of additional accounts. This monitoring can be fine tuned to specific assets, policies, and organizations.
References
|
| cloud_asset_inventory | Cloud Asset Inventory | detect | partial | T1078 | Valid Accounts |
Comments
This control may be able to detect when adversaries use valid cloud accounts to elevate privileges through manipulation of IAM or access policies. This monitoring can be fine tuned to specific assets, policies, and organizations.
References
|
| cloud_asset_inventory | Cloud Asset Inventory | detect | partial | T1078.004 | Cloud Accounts |
Comments
This control may be able to detect when adversaries use valid cloud accounts to elevate privileges through manipulation of IAM or access policies. This monitoring can be fine tuned to specific assets, policies, and organizations.
References
|