Mitre AWS Attack Framework
MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. MITRE mission is to bring communities together to develop more effective cybersecurity.
| Control | Description |
|---|---|
| Exploit Public-Facing Application | Control should prevent adversaries who may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands in order to cause unintended or unanticipated behavior. |
| Trusted Relationships | Monitor activity conducted by second and third-party providers and other trusted entities that may be leveraged as a means to gain access to the network. |
| Valid accounts | Valid accounts should be protected to prevent invalid access |
| Account Manipulation | Measures should be put in place to prevent the manipulation of accounts giving access to systems. |
| Create Account | Account creation should be restricted to only privileged accounts. |
| Implant Container Image | Controls should be in place to prevent attackers from implanting container images with malicious code. |
| Exploitation for Privilege Escalation | Privilege escalation on valid accounts should be curbed. |
| Impair Defences | Necessary permissions should be in place to prevent defence mechanisms modification in a bid to impair defence mechanisms in place. |
| Modify Cloud Compute Infrastructure | Modification of Cloud compute infrastructure should be detected and prevented. |
| Unused/Unsupported Cloud Regions | Cloud access from unsupported regions should be detected and prevented. |
| Brute Force | Additional password controls are needed to ensure password security is not bypassed. |
| Unsecured Credentials | Misplaced or insecurely stored credentials could result in breaches if attackers come in contact and thus should be well secured. |
| Network Scanning | Measures should be put to prevent system services from being enlisted as part of reconnaissance by attackers. |
| Data from Cloud Storage Object | Data in cloud storage should have appropriate measures to maintain integrity and confidentiality. |
| Defacement | Disaster recovery procedures prevent the consequences that might be incurred during a defacement. |
| Endpoint Denial of Service | Attackers' attempts to deny legitimate users access to endpoint services should be prevented. |
| Network Denial of Service | Attackers' attempts to deny legitimate users access to network services should be prevented. |
To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.