ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 12.1 Enterprise and VERIS 1.3.7.
Change versions here.
Home
Mapping Frameworks
VERIS Home
attribute.confidentiality.data_disclosure
VERIS
attribute.confidentiality.data_disclosure
Mappings
ATT&CK Version
12.1
ATT&CK Domain
Enterprise
VERIS
1.3.7
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
attribute.confidentiality.data_disclosure
related-to
T1187
Forced Authentication
attribute.confidentiality.data_disclosure
related-to
T1212
Exploitation for Credential Access
attribute.confidentiality.data_disclosure
related-to
T1557
Man-in-the-Middle
attribute.confidentiality.data_disclosure
related-to
T1119
Automated Collection
attribute.confidentiality.data_disclosure
related-to
T1040
Network Sniffing
attribute.confidentiality.data_disclosure
related-to
T1602
Data from Configuration Repository
attribute.confidentiality.data_disclosure
related-to
T1602.001
Data from Configuration Repository: SNMP (MIB Dump)
attribute.confidentiality.data_disclosure
related-to
T1602.002
Data from Configuration Repository: Network Device Configuration Dump
attribute.confidentiality.data_disclosure
related-to
T1213
Data from Information Repository
attribute.confidentiality.data_disclosure
related-to
T1056.003
Input Capture: Web Portal Capture
attribute.confidentiality.data_disclosure
related-to
T1056
Input Capture
attribute.confidentiality.data_disclosure
related-to
T1056.001
Input Capture: Keylogging
attribute.confidentiality.data_disclosure
related-to
T1056.002
Input Capture: GUI Input Capture
attribute.confidentiality.data_disclosure
related-to
T1056.004
Input Capture: Credential API Hooking
attribute.confidentiality.data_disclosure
related-to
T1113
Screen Capture
attribute.confidentiality.data_disclosure
related-to
T1114
Email Collection
attribute.confidentiality.data_disclosure
related-to
T1114.001
Email Collection: Local Email Collection
attribute.confidentiality.data_disclosure
related-to
T1114.002
Email Collection: Remote Email Collection
attribute.confidentiality.data_disclosure
related-to
T1114.003
Email Collection: Email Forwarding Rule
attribute.confidentiality.data_disclosure
related-to
T1123
Audio Capture
attribute.confidentiality.data_disclosure
related-to
T1125
Video Capture
attribute.confidentiality.data_disclosure
related-to
T1003.002
OS Credential Dumping: Security Account Manager
attribute.confidentiality.data_disclosure
related-to
T1003.003
OS Credential Dumping: NTDS
attribute.confidentiality.data_disclosure
related-to
T1003.006
OS Credential Dumping: DCSync
attribute.confidentiality.data_disclosure
related-to
T1003.008
OS Credential Dumping: /etc/passwd and /etc/shadow
attribute.confidentiality.data_disclosure
related-to
T1005
Data from Local System
attribute.confidentiality.data_disclosure
related-to
T1025
Data from Removable Media
attribute.confidentiality.data_disclosure
related-to
T1039
Data from Network Shared Drive
attribute.confidentiality.data_disclosure
related-to
T1213.001
Data from Information Repositories: Confluence
attribute.confidentiality.data_disclosure
related-to
T1213.002
Data from Information Repositories: Sharepoint
attribute.confidentiality.data_disclosure
related-to
T1530
Data from Cloud Storage
attribute.confidentiality.data_disclosure
related-to
T1011
Exfiltration Over Other Network Medium
attribute.confidentiality.data_disclosure
related-to
T1011.001
Exfiltration Over Other Network Medium: Exfiltration Over Bluetooth
attribute.confidentiality.data_disclosure
related-to
T1020
Automated Exfiltration
attribute.confidentiality.data_disclosure
related-to
T1020.001
Automated Exfiltration: Traffic Duplication
attribute.confidentiality.data_disclosure
related-to
T1029
Scheduled Transfer
attribute.confidentiality.data_disclosure
related-to
T1030
Data Transfer Size Limits
attribute.confidentiality.data_disclosure
related-to
T1041
Exfiltration Over C2 Channels
attribute.confidentiality.data_disclosure
related-to
T1048
Exfiltration Over Alternative Protocol
attribute.confidentiality.data_disclosure
related-to
T1048.001
Exfiltration Over Alternative Protocol: Exfiltration Over Symmetric Encrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
related-to
T1048.002
Exfiltration Over Alternative Protocol: Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
related-to
T1048.003
Exfiltration Over Alternative Protocol: Exfiltration Over Unencrypted/Obfuscated Non-C2 Protcol
attribute.confidentiality.data_disclosure
related-to
T1052
Exfiltration Over Physical Medium
attribute.confidentiality.data_disclosure
related-to
T1052.001
Exfiltration Over Physical Medium: Exfiltration over USB
attribute.confidentiality.data_disclosure
related-to
T1537
Transfer Data to Cloud Account
attribute.confidentiality.data_disclosure
related-to
T1567
Exfiltration Over Web Service
attribute.confidentiality.data_disclosure
related-to
T1567.001
Exfiltration Over Web Service: Exfiltration to Code Repository
attribute.confidentiality.data_disclosure
related-to
T1567.002
Exfiltration Over Web Service: Exfiltration to Cloud Storage
attribute.confidentiality.data_disclosure
related-to
T1003.007
OS Credential Dumping: Proc Filesystem
attribute.confidentiality.data_disclosure
related-to
T1115
Clipboard Data
attribute.confidentiality.data_disclosure
related-to
T1003
OS Credential Dumping
attribute.confidentiality.data_disclosure
related-to
T1003.001
OS Credential Dumping: LSASS Memory
attribute.confidentiality.data_disclosure
related-to
T1003.004
OS Credential Dumping: LSA Secrets
attribute.confidentiality.data_disclosure
related-to
T1003.005
OS Credential Dumping: Cached Domain Credentials
attribute.confidentiality.data_disclosure
related-to
T1552.001
Unsecured Credentials: Credentials in Files
attribute.confidentiality.data_disclosure
related-to
T1552.002
Unsecured Credentials: Credentials in Registry
attribute.confidentiality.data_disclosure
related-to
T1552.003
Unsecured Credentials: Bash History
attribute.confidentiality.data_disclosure
related-to
T1552.004
Unsecured Credentials: Private Keys
attribute.confidentiality.data_disclosure
related-to
T1552.005
Unsecured Credentials: Cloud Instance Metadata API
attribute.confidentiality.data_disclosure
related-to
T1552.006
Unsecured Credentials: Group Policy Preferences
attribute.confidentiality.data_disclosure
related-to
T1555
Credentials from Password Stores
attribute.confidentiality.data_disclosure
related-to
T1555.001
Credentials from Password Stores: Keychain
attribute.confidentiality.data_disclosure
related-to
T1555.002
Credentials from Password Stores: Securityd Memory
attribute.confidentiality.data_disclosure
related-to
T1555.003
Credentials from Password Stores: Credentials from Web Browser
attribute.confidentiality.data_disclosure
related-to
T1555.004
Credentials from Password Stores: Windows Credential Manager
attribute.confidentiality.data_disclosure
related-to
T1555.005
Credentials from Password Stores: Password Managers
attribute.confidentiality.data_disclosure
related-to
T1213.003
Code Repositories
attribute.confidentiality.data_disclosure
related-to
T1552
Unsecured Credentials
attribute.confidentiality.data_disclosure
related-to
T1552.007
Unsecured Credentials: Container API
