ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 14.1 Enterprise and M365 12.11.2023.
Change versions here.
Home
Mapping Frameworks
M365 Home
Role Based Access Control
M365
ME-RBAC-E3
Mappings
Microsoft Entra roles allow you to grant granular permissions to your admins, abiding by the principle of least privilege. Microsoft Entra roles control access to Microsoft Entra resources such as users, groups, and applications.
Mappings
ATT&CK Version
14.1
ATT&CK Domain
Enterprise
M365
12.11.2023
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1078.001
Default Accounts
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1213.002
Sharepoint
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1213
Data from Information Repositories
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1199
Trusted Relationship
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1562.008
Disable or Modify Cloud Logs
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1562
Impair Defenses
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1530
Data from Cloud Storage
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1484.002
Domain Trust Modification
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1484
Domain Policy Modification
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1556.007
Hybrid Identity
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1556.006
Multi-Factor Authentication
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1556
Modify Authentication Process
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1648
Serverless Execution
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1059.009
Cloud API
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1059
Command and Scripting Interpreter
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1651
Cloud Administration Command
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1528
Steal Application Access Token
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1538
Cloud Service Dashboard
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1098.003
Additional Cloud Roles
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1098.001
Additional Cloud Credentials
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1098
Account Manipulation
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1136.003
Cloud Account
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1136
Create Account
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1078.004
Cloud Accounts
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1078
Valid Accounts
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1087.004
Cloud Account
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1087
Account Discovery
ME-RBAC-E3
Role Based Access Control
Technique Scores
T1548.005
Temporary Elevated Cloud Access
