| User Account - DS0002 (0b4f86ed-f4ab-46a3-8ed1-175be1974da6) |
mitre-data-source |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
1 |
| User Account - DS0002 (0b4f86ed-f4ab-46a3-8ed1-175be1974da6) |
mitre-data-source |
User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
1 |
| User Account - DS0002 (0b4f86ed-f4ab-46a3-8ed1-175be1974da6) |
mitre-data-source |
User Account Deletion (d6257b8e-869c-41c0-8731-fdca40858a91) |
mitre-data-component |
1 |
| User Account - DS0002 (0b4f86ed-f4ab-46a3-8ed1-175be1974da6) |
mitre-data-source |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
1 |
| User Account - DS0002 (0b4f86ed-f4ab-46a3-8ed1-175be1974da6) |
mitre-data-source |
User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
1 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Default Accounts - T1078.001 (6151cbea-819b-455a-9fa6-99a1cc58797d) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Network Share Connection Removal - T1070.005 (a750a9f6-0bde-4bb3-9aae-1e2786e9780c) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Exploitation for Credential Access - T1212 (9c306d8d-cde7-4b4c-b6e8-d0bb16caca36) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Cloud Service Dashboard - T1538 (e49920b0-6c54-40c1-9571-73723653205f) |
Attack Pattern |
2 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Rogue Domain Controller - T1207 (564998d8-ab3e-4123-93fb-eccaa6b9714a) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Clear Command History - T1070.003 (3aef9463-9a7a-43ba-8957-a867e07c1e6a) |
Attack Pattern |
2 |
| SAML Tokens - T1606.002 (1f9c2bae-b441-4f66-a8af-b65946ee72f2) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Container API - T1552.007 (f8ef3a62-3f44-40a4-abca-761ab235c436) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Domain Accounts - T1078.002 (c3d4bdd9-2cfe-4a80-9d0c-07a29ecdce8f) |
Attack Pattern |
2 |
| Modify Authentication Process - T1556 (f4c1826f-a322-41cd-9557-562100848c84) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Password Guessing - T1110.001 (09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Local Accounts - T1078.003 (fdc47f44-dd32-4b99-af5f-209f556f63c2) |
Attack Pattern |
2 |
| Password Cracking - T1110.002 (1d24cdee-9ea2-4189-b08e-af110bf2435d) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Password Spraying - T1110.003 (692074ae-bb62-4a5e-a735-02cb6bde458c) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Credential Stuffing - T1110.004 (b2d03cea-aec1-45ca-9744-9ee583c1e1cc) |
Attack Pattern |
2 |
| Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Cloud Instance Metadata API - T1552.005 (19bf235b-8620-4997-b5b4-94e0659ed7c3) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Pass the Hash - T1550.002 (e624264c-033a-424d-9fd7-fc9c3bbdb03e) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) |
Attack Pattern |
2 |
| Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) |
Attack Pattern |
User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Pass the Ticket - T1550.003 (7b211ac6-c815-4189-93a9-ab415deca926) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Multi-Factor Authentication - T1556.006 (b4409cd8-0da9-46e1-a401-a241afd4d1cc) |
Attack Pattern |
2 |
| User Account Authentication (a953ca55-921a-44f7-9b8d-3d40141aa17e) |
mitre-data-component |
Multi-Factor Authentication Request Generation - T1621 (954a1639-f2d6-407d-aef3-4917622ca493) |
Attack Pattern |
2 |
| Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) |
Attack Pattern |
User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
2 |
| User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
Cloud Account - T1136.003 (a009cb25-4801-4116-9105-80a91cf15c1b) |
Attack Pattern |
2 |
| Domain Account - T1136.002 (7610cada-1499-41a4-b3dd-46467b68d177) |
Attack Pattern |
User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
2 |
| Create Account - T1136 (e01be9c5-e763-4caf-aeb7-000b416aef67) |
Attack Pattern |
User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
2 |
| Hidden Users - T1564.002 (8c4aef43-48d5-49aa-b2af-c0cd58d30c3d) |
Attack Pattern |
User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
2 |
| User Account Creation (deb22295-7e37-4a3b-ac6f-c86666fbe63d) |
mitre-data-component |
Local Account - T1136.001 (635cbe30-392d-4e27-978e-66774357c762) |
Attack Pattern |
2 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
User Account Deletion (d6257b8e-869c-41c0-8731-fdca40858a91) |
mitre-data-component |
2 |
| Clear Persistence - T1070.009 (d2c4e5ea-dbdf-4113-805a-b1e2a337fb33) |
Attack Pattern |
User Account Deletion (d6257b8e-869c-41c0-8731-fdca40858a91) |
mitre-data-component |
2 |
| Account Access Removal - T1531 (b24e2a20-3b3d-4bf0-823b-1ed765398fb0) |
Attack Pattern |
User Account Deletion (d6257b8e-869c-41c0-8731-fdca40858a91) |
mitre-data-component |
2 |
| Password Policy Discovery - T1201 (b6075259-dba3-44e9-87c7-e954f37ec0d5) |
Attack Pattern |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
2 |
| Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
2 |
| SID-History Injection - T1134.005 (b7dc639b-24cd-482d-a7f1-8897eda21023) |
Attack Pattern |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
2 |
| Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) |
Attack Pattern |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
2 |
| Reversible Encryption - T1556.005 (d50955c2-272d-4ac8-95da-10c29dda1c48) |
Attack Pattern |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
2 |
| Hidden Users - T1564.002 (8c4aef43-48d5-49aa-b2af-c0cd58d30c3d) |
Attack Pattern |
User Account Metadata (b5d0492b-cda4-421c-8e51-ed2b8d85c5d0) |
mitre-data-component |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Account Access Removal - T1531 (b24e2a20-3b3d-4bf0-823b-1ed765398fb0) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Disable or Modify Cloud Logs - T1562.008 (cacc40da-4c9e-462c-80d5-fd70a178b12d) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Device Registration - T1098.005 (7decb26c-715c-40cf-b7e0-026f7d7cc215) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Steal Application Access Token - T1528 (890c9858-598c-401d-a4d5-c67ebcdd703a) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Additional Cloud Roles - T1098.003 (2dbbdcd5-92cf-44c0-aea2-fe24783a6bc3) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Multi-Factor Authentication - T1556.006 (b4409cd8-0da9-46e1-a401-a241afd4d1cc) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Temporary Elevated Cloud Access - T1548.005 (6fa224c7-5091-4595-bf15-3fc9fe2f2c7c) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Additional Email Delegate Permissions - T1098.002 (e74de37c-a829-446c-937d-56a44f0e9306) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Modify Authentication Process - T1556 (f4c1826f-a322-41cd-9557-562100848c84) |
Attack Pattern |
2 |
| User Account Modification (d27b0089-2c39-4b6c-84ff-303e48657e77) |
mitre-data-component |
Additional Container Cluster Roles - T1098.006 (35d30338-5bfa-41b0-a170-ec06dfd75f64) |
Attack Pattern |
2 |
| Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) |
Attack Pattern |
Default Accounts - T1078.001 (6151cbea-819b-455a-9fa6-99a1cc58797d) |
Attack Pattern |
3 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
Network Share Connection Removal - T1070.005 (a750a9f6-0bde-4bb3-9aae-1e2786e9780c) |
Attack Pattern |
3 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
Clear Command History - T1070.003 (3aef9463-9a7a-43ba-8957-a867e07c1e6a) |
Attack Pattern |
3 |
| SAML Tokens - T1606.002 (1f9c2bae-b441-4f66-a8af-b65946ee72f2) |
Attack Pattern |
Forge Web Credentials - T1606 (94cb00a4-b295-4d06-aa2b-5653b9c1be9c) |
Attack Pattern |
3 |
| Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) |
Attack Pattern |
Container API - T1552.007 (f8ef3a62-3f44-40a4-abca-761ab235c436) |
Attack Pattern |
3 |
| Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) |
Attack Pattern |
Domain Accounts - T1078.002 (c3d4bdd9-2cfe-4a80-9d0c-07a29ecdce8f) |
Attack Pattern |
3 |
| Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
Password Guessing - T1110.001 (09c4c11e-4fa1-4f8c-8dad-3cf8e69ad119) |
Attack Pattern |
3 |
| Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) |
Attack Pattern |
Local Accounts - T1078.003 (fdc47f44-dd32-4b99-af5f-209f556f63c2) |
Attack Pattern |
3 |
| Password Cracking - T1110.002 (1d24cdee-9ea2-4189-b08e-af110bf2435d) |
Attack Pattern |
Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
3 |
| Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
Password Spraying - T1110.003 (692074ae-bb62-4a5e-a735-02cb6bde458c) |
Attack Pattern |
3 |
| Brute Force - T1110 (a93494bb-4b80-4ea1-8695-3236a49916fd) |
Attack Pattern |
Credential Stuffing - T1110.004 (b2d03cea-aec1-45ca-9744-9ee583c1e1cc) |
Attack Pattern |
3 |
| Cloud Accounts - T1078.004 (f232fa7a-025c-4d43-abc7-318e81a73d65) |
Attack Pattern |
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81) |
Attack Pattern |
3 |
| Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) |
Attack Pattern |
Cloud Instance Metadata API - T1552.005 (19bf235b-8620-4997-b5b4-94e0659ed7c3) |
Attack Pattern |
3 |
| Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) |
Attack Pattern |
Pass the Hash - T1550.002 (e624264c-033a-424d-9fd7-fc9c3bbdb03e) |
Attack Pattern |
3 |
| Use Alternate Authentication Material - T1550 (51a14c76-dd3b-440b-9c20-2bf91d25a814) |
Attack Pattern |
Pass the Ticket - T1550.003 (7b211ac6-c815-4189-93a9-ab415deca926) |
Attack Pattern |
3 |
| Modify Authentication Process - T1556 (f4c1826f-a322-41cd-9557-562100848c84) |
Attack Pattern |
Multi-Factor Authentication - T1556.006 (b4409cd8-0da9-46e1-a401-a241afd4d1cc) |
Attack Pattern |
3 |
| Create Account - T1136 (e01be9c5-e763-4caf-aeb7-000b416aef67) |
Attack Pattern |
Cloud Account - T1136.003 (a009cb25-4801-4116-9105-80a91cf15c1b) |
Attack Pattern |
3 |
| Create Account - T1136 (e01be9c5-e763-4caf-aeb7-000b416aef67) |
Attack Pattern |
Domain Account - T1136.002 (7610cada-1499-41a4-b3dd-46467b68d177) |
Attack Pattern |
3 |
| Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) |
Attack Pattern |
Hidden Users - T1564.002 (8c4aef43-48d5-49aa-b2af-c0cd58d30c3d) |
Attack Pattern |
3 |
| Create Account - T1136 (e01be9c5-e763-4caf-aeb7-000b416aef67) |
Attack Pattern |
Local Account - T1136.001 (635cbe30-392d-4e27-978e-66774357c762) |
Attack Pattern |
3 |
| Indicator Removal - T1070 (799ace7f-e227-4411-baa0-8868704f2a69) |
Attack Pattern |
Clear Persistence - T1070.009 (d2c4e5ea-dbdf-4113-805a-b1e2a337fb33) |
Attack Pattern |
3 |
| Access Token Manipulation - T1134 (dcaa092b-7de9-4a21-977f-7fcb77e89c48) |
Attack Pattern |
SID-History Injection - T1134.005 (b7dc639b-24cd-482d-a7f1-8897eda21023) |
Attack Pattern |
3 |
| Modify Authentication Process - T1556 (f4c1826f-a322-41cd-9557-562100848c84) |
Attack Pattern |
Reversible Encryption - T1556.005 (d50955c2-272d-4ac8-95da-10c29dda1c48) |
Attack Pattern |
3 |
| Impair Defenses - T1562 (3d333250-30e4-4a82-9edc-756c68afc529) |
Attack Pattern |
Disable or Modify Cloud Logs - T1562.008 (cacc40da-4c9e-462c-80d5-fd70a178b12d) |
Attack Pattern |
3 |
| Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
Device Registration - T1098.005 (7decb26c-715c-40cf-b7e0-026f7d7cc215) |
Attack Pattern |
3 |
| Additional Cloud Credentials - T1098.001 (8a2f40cf-8325-47f9-96e4-b1ca4c7389bd) |
Attack Pattern |
Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
3 |
| Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
Additional Cloud Roles - T1098.003 (2dbbdcd5-92cf-44c0-aea2-fe24783a6bc3) |
Attack Pattern |
3 |
| Temporary Elevated Cloud Access - T1548.005 (6fa224c7-5091-4595-bf15-3fc9fe2f2c7c) |
Attack Pattern |
Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) |
Attack Pattern |
3 |
| Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
Additional Email Delegate Permissions - T1098.002 (e74de37c-a829-446c-937d-56a44f0e9306) |
Attack Pattern |
3 |
| Account Manipulation - T1098 (a10641f4-87b4-45a3-a906-92a149cb2c27) |
Attack Pattern |
Additional Container Cluster Roles - T1098.006 (35d30338-5bfa-41b0-a170-ec06dfd75f64) |
Attack Pattern |
3 |