VERIS attribute.integrity Capability Group

All Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name
action.hacking.variety.Backdoor Hacking action that creates a backdoor for use. related-to T1098.007 Additional Local or Domain Groups
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098.006 Additional Container Cluster Roles
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098.007 Additional Local or Domain Groups
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1114.003 Email Forwarding Rule
attribute.integrity.variety.Created account Created new user account related-to T1136 Create Account
attribute.integrity.variety.Created account Created new user account related-to T1136.001 Local Account
attribute.integrity.variety.Created account Created new user account related-to T1136.002 Domain Account
attribute.integrity.variety.Created account Created new user account related-to T1136.003 Cloud Account
attribute.integrity.variety.Log tampering Log tampering or modification related-to T1070.001 Clear Windows Event Logs
attribute.integrity.variety.Log tampering Log tampering or modification related-to T1070.002 Clear Linux or Mac System Logs
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1037 Boot or Logon Initialization Scripts
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1037.001 Logon Script (Windows)
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1037.002 Login Hook
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1037.003 Network Logon Script
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1037.004 RC Scripts
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1037.005 Startup Items
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098 Account Manipulation
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098.001 Additional Cloud Credentials
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098.002 Additional Email Delegate Permissions
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098.003 Additional Cloud Roles
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1098.004 SSH Authorized Keys
attribute.integrity.variety.Software installation Software installation or code modification related-to T1072 Software Deployment Tools
attribute.integrity.variety.Software installation Software installation or code modification related-to T1080 Taint Shared Content
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1484 Domain or Tenant Policy Modification
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1484.001 Group Policy Modification
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1484.002 Trust Modification
attribute.integrity.variety.Defacement Deface content related-to T1491 Defacement
attribute.integrity.variety.Defacement Deface content related-to T1491.001 Internal Defacement
attribute.integrity.variety.Defacement Deface content related-to T1491.002 External Defacement
attribute.integrity.variety.Unknown Unknown related-to T1531 Account Access Removal
attribute.integrity.variety.Misrepresentation compromise of authenticity (e.g. masquerading as the legitimate owner of an account) related-to T1534 Internal Spearphishing
attribute.integrity.variety.Repurpose Repurposed asset for unauthorized function related-to T1535 Unused/Unsupported Cloud Regions
attribute.integrity.variety.Software installation Software installation or code modification related-to T1543 Create or Modify System Process
attribute.integrity.variety.Software installation Software installation or code modification related-to T1543.001 Launch Agent
attribute.integrity.variety.Software installation Software installation or code modification related-to T1543.002 Systemd Service
attribute.integrity.variety.Software installation Software installation or code modification related-to T1543.003 Windows Service
attribute.integrity.variety.Software installation Software installation or code modification related-to T1543.004 Launch Daemon
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546 Event Triggered Execution
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.001 Change Default File Association
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.002 Screensaver
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.003 Windows Management Instrumentation Event Subscription
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.004 Unix Shell Configuration Modification
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.005 Trap
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.006 LC_LOAD_DYLIB Addition
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.007 Netsh Helper DLL
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.008 Accessibility Features
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.009 AppCert DLLs
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.010 AppInit DLLs
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.011 Application Shimming
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.012 Image File Execution Options Injection
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.013 PowerShell Profile
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.014 Emond
attribute.integrity.variety.Alter behavior Influence or alter human behavior related-to T1546.015 Component Object Model Hijacking
attribute.integrity.variety.Software installation Software installation or code modification related-to T1546.016 Installer Packages
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547 Boot or Logon Autostart Execution
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.001 Registry Run Keys / Startup Folder
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.002 Authentication Package
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.003 Time Providers
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.004 Winlogon Helper DLL
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.005 Security Support Provider
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.006 Kernel Modules and Extensions
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.007 Re-opened Applications
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.008 LSASS Driver
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.009 Shortcut Modification
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.010 Port Monitors
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.012 Print Processors
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1547.013 XDG Autostart Entries
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1547.014 Active Setup
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1556 Modify Authentication Process
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1556 Modify Authentication Process
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1556.001 Domain Controller Authentication
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1556.001 Domain Controller Authentication
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1566.002 Spearphishing Link
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1566.002 Spearphishing Link
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1556.003 Pluggable Authentication Modules
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1556.003 Pluggable Authentication Modules
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1556.004 Network Device Authentication
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1556.004 Network Device Authentication
attribute.integrity.variety.Modify data Modified stored data or content related-to T1565 Data Manipulation
attribute.integrity.variety.Modify data Modified stored data or content related-to T1565.001 Stored Data Manipulation
attribute.integrity.variety.Modify data Modified stored data or content related-to T1565.002 Transmitted Data Manipulation
attribute.integrity.variety.Modify data Modified stored data or content related-to T1565.003 Runtime Data Manipulation
attribute.integrity.variety.Software installation Software installation or code modification related-to T1601 Modify System Image
attribute.integrity.variety.Software installation Software installation or code modification related-to T1601.001 Patch System Image
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1556.008 Network Provider DLL
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1556.008 Network Provider DLL
attribute.integrity.variety.Modify configuration Modified configuration or services related-to T1556.009 Conditional Access Policies
attribute.integrity.variety.Modify privileges Modified privileges or permissions related-to T1556.009 Conditional Access Policies