GCP Mandiant Digital Threat Monitoring Capability Group

All Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
| --- | --- | --- | --- | --- | --- | --- |
| mandiant_digital_threatmon | Mandiant Digital Threat Monitoring | protect | minimal | T1078 | Valid Accounts | Comments: Mandiant Digital Threat Monitoring continually monitors for compromised credentials and data leaks on both the open and dark web. This control may protect against credential abuse by alerting on leaked credentials. Since this control must depend on accessible sources for dumps, it does not protect against credentials that have been collected for a campaign but never posted, so the score is partial. |
| mandiant_digital_threatmon | Mandiant Digital Threat Monitoring | detect | partial | T1195 | Supply Chain Compromise | Comments: Mandiant Digital Threat Monitoring continually monitors for compromised credentials and data leaks on both the open and dark web. This control may protect against credential abuse by alerting on leaked credentials. Since this control must depend on accessible sources for dumps, it does not protect against credentials that have been collected for a campaign but never posted, so the score is partial. |
| mandiant_digital_threatmon | Mandiant Digital Threat Monitoring | detect | partial | T1199 | Trusted Relationship | Comments: Mandiant Digital Threat Monitoring continually monitors for compromised credentials and data leaks on both the open and dark web. This control may protect against credential abuse by alerting on leaked credentials. Since this control must depend on accessible sources for dumps, it does not protect against credentials that have been collected for a campaign but never posted, so the score is partial. |
| mandiant_digital_threatmon | Mandiant Digital Threat Monitoring | detect | partial | T1591 | Gather Victim Org Information | Comments: Mandiant Digital Threat Monitoring continually monitors for compromised credentials and data leaks on both the open and dark web. This control may protect against Gather Victim Org Information by alerting on custom data leaks. Since this control must depend on accessible sources for dumps, it does not protect against data that has been collected for a campaign but never posted, so the score is partial. |

Capabilities

| Capability ID | Capability Name | Number of Mappings |
| --- | --- | --- |
| mandiant_digital_threatmon | Mandiant Digital Threat Monitoring | 4 |