ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CSA Cloud Controls Matrix (CCM)
CRI Profile
Known Exploited Vulnerabilities
Google Cloud Platform (GCP)
Intel vPro
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and VERIS 1.4.0.
Change versions here.
Home
Mapping Frameworks
VERIS Home
attribute.confidentiality.data_disclosure
VERIS
attribute.confidentiality.data_disclosure
Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
VERIS
1.4.0
Change Versions
Capability ID
Capability Description
Mapping Type
ATT&CK ID
ATT&CK Name
attribute.confidentiality.data_disclosure
None
related-to
T1003
OS Credential Dumping
attribute.confidentiality.data_disclosure
None
related-to
T1222
File and Directory Permissions Modification
attribute.confidentiality.data_disclosure
None
related-to
T1114
Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1587
Develop Capabilities
attribute.confidentiality.data_disclosure
None
related-to
T1547
Boot or Logon Autostart Execution
attribute.confidentiality.data_disclosure
None
related-to
T1598.004
Spearphishing Voice
attribute.confidentiality.data_disclosure
None
related-to
T1558.003
Kerberoasting
attribute.confidentiality.data_disclosure
None
related-to
T1115
Clipboard Data
attribute.confidentiality.data_disclosure
None
related-to
T1003.008
/etc/passwd and /etc/shadow
attribute.confidentiality.data_disclosure
None
related-to
T1005
Data from Local System
attribute.confidentiality.data_disclosure
None
related-to
T1011
Exfiltration Over Other Network Medium
attribute.confidentiality.data_disclosure
None
related-to
T1011.001
Exfiltration Over Bluetooth
attribute.confidentiality.data_disclosure
None
related-to
T1020
Automated Exfiltration
attribute.confidentiality.data_disclosure
None
related-to
T1020.001
Traffic Duplication
attribute.confidentiality.data_disclosure
None
related-to
T1025
Data from Removable Media
attribute.confidentiality.data_disclosure
None
related-to
T1029
Scheduled Transfer
attribute.confidentiality.data_disclosure
None
related-to
T1030
Data Transfer Size Limits
attribute.confidentiality.data_disclosure
None
related-to
T1039
Data from Network Shared Drive
attribute.confidentiality.data_disclosure
None
related-to
T1040
Network Sniffing
attribute.confidentiality.data_disclosure
None
related-to
T1041
Exfiltration Over C2 Channel
attribute.confidentiality.data_disclosure
None
related-to
T1048
Exfiltration Over Alternative Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1048.001
Exfiltration Over Symmetric Encrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1048.002
Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1048.003
Exfiltration Over Unencrypted Non-C2 Protocol
attribute.confidentiality.data_disclosure
None
related-to
T1052
Exfiltration Over Physical Medium
attribute.confidentiality.data_disclosure
None
related-to
T1052.001
Exfiltration over USB
attribute.confidentiality.data_disclosure
None
related-to
T1056
Input Capture
attribute.confidentiality.data_disclosure
None
related-to
T1056.001
Keylogging
attribute.confidentiality.data_disclosure
None
related-to
T1056.002
GUI Input Capture
attribute.confidentiality.data_disclosure
None
related-to
T1056.003
Web Portal Capture
attribute.confidentiality.data_disclosure
None
related-to
T1056.004
Credential API Hooking
attribute.confidentiality.data_disclosure
None
related-to
T1113
Screen Capture
attribute.confidentiality.data_disclosure
None
related-to
T1114
Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1114.001
Local Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1114.002
Remote Email Collection
attribute.confidentiality.data_disclosure
None
related-to
T1114.003
Email Forwarding Rule
attribute.confidentiality.data_disclosure
None
related-to
T1115
Clipboard Data
attribute.confidentiality.data_disclosure
None
related-to
T1119
Automated Collection
attribute.confidentiality.data_disclosure
None
related-to
T1123
Audio Capture
attribute.confidentiality.data_disclosure
None
related-to
T1125
Video Capture
attribute.confidentiality.data_disclosure
None
related-to
T1187
Forced Authentication
attribute.confidentiality.data_disclosure
None
related-to
T1212
Exploitation for Credential Access
attribute.confidentiality.data_disclosure
None
related-to
T1213
Data from Information Repositories
attribute.confidentiality.data_disclosure
None
related-to
T1213.001
Confluence
attribute.confidentiality.data_disclosure
None
related-to
T1213.002
Sharepoint
attribute.confidentiality.data_disclosure
None
related-to
T1213.003
Code Repositories
attribute.confidentiality.data_disclosure
None
related-to
T1213.004
Customer Relationship Management Software
attribute.confidentiality.data_disclosure
None
related-to
T1213.005
Messaging Applications
attribute.confidentiality.data_disclosure
None
related-to
T1530
Data from Cloud Storage
attribute.confidentiality.data_disclosure
None
related-to
T1537
Transfer Data to Cloud Account
attribute.confidentiality.data_disclosure
None
related-to
T1552
Unsecured Credentials
attribute.confidentiality.data_disclosure
None
related-to
T1552.001
Credentials In Files
attribute.confidentiality.data_disclosure
None
related-to
T1552.002
Credentials in Registry
attribute.confidentiality.data_disclosure
None
related-to
T1552.003
Bash History
attribute.confidentiality.data_disclosure
None
related-to
T1552.004
Private Keys
attribute.confidentiality.data_disclosure
None
related-to
T1552.005
Cloud Instance Metadata API
attribute.confidentiality.data_disclosure
None
related-to
T1552.006
Group Policy Preferences
attribute.confidentiality.data_disclosure
None
related-to
T1552.007
Container API
attribute.confidentiality.data_disclosure
None
related-to
T1552.008
Chat Messages
attribute.confidentiality.data_disclosure
None
related-to
T1555
Credentials from Password Stores
attribute.confidentiality.data_disclosure
None
related-to
T1555.001
Keychain
attribute.confidentiality.data_disclosure
None
related-to
T1555.002
Securityd Memory
attribute.confidentiality.data_disclosure
None
related-to
T1555.003
Credentials from Web Browsers
attribute.confidentiality.data_disclosure
None
related-to
T1555.004
Windows Credential Manager
attribute.confidentiality.data_disclosure
None
related-to
T1555.005
Password Managers
attribute.confidentiality.data_disclosure
None
related-to
T1555.006
Cloud Secrets Management Stores
attribute.confidentiality.data_disclosure
None
related-to
T1557
Adversary-in-the-Middle
attribute.confidentiality.data_disclosure
None
related-to
T1567
Exfiltration Over Web Service
attribute.confidentiality.data_disclosure
None
related-to
T1567.001
Exfiltration to Code Repository
attribute.confidentiality.data_disclosure
None
related-to
T1567.002
Exfiltration to Cloud Storage
attribute.confidentiality.data_disclosure
None
related-to
T1567.003
Exfiltration to Text Storage Sites
attribute.confidentiality.data_disclosure
None
related-to
T1567.004
Exfiltration Over Webhook
attribute.confidentiality.data_disclosure
None
related-to
T1602
Data from Configuration Repository
attribute.confidentiality.data_disclosure
None
related-to
T1602.001
SNMP (MIB Dump)
attribute.confidentiality.data_disclosure
None
related-to
T1602.002
Network Device Configuration Dump
