MITRE ATT&CK is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. MITRE mission is to bring communities together to develop more effective cybersecurity.


ControlDescription
Exploit Public-Facing Application
Control should prevent adversaries who may attempt to take advantage of a weakness in an Internet-facing computer or program using software, data, or commands in order to cause unintended or unanticipated behavior.
Trusted Relationships
Monitor activity conducted by second and third-party providers and other trusted entities that may be leveraged as a means to gain access to the network.
Valid accounts
Valid accounts should be protected to prevent invalid access
Account Manipulation
Measures should be put in place to prevent the manipulation of accounts giving access to systems.
Create Account
Account creation should be restricted to only privileged accounts.
Implant Container Image
Controls should be in place to prevent attackers from implanting container images with malicious code.
Exploitation for Privilege Escalation
Privilege escalation on valid accounts should be curbed.
Impair Defences
Necessary permissions should be in place to prevent defence mechanisms modification in a bid to impair defence mechanisms in place.
Modify Cloud Compute Infrastructure
Modification of Cloud compute infrastructure should be detected and prevented.
Unused/Unsupported Cloud Regions

Cloud access from unsupported regions should be detected and prevented.    

Brute Force
Additional password controls are needed to ensure password security is not bypassed.
Unsecured Credentials
Misplaced or insecurely stored credentials could result in breaches if attackers come in contact and thus should be well secured.
Network Scanning
Measures should be put to prevent system services from being enlisted as part of reconnaissance by attackers.
Data from Cloud Storage Object
Data in cloud storage should have appropriate measures to maintain integrity and confidentiality.
Defacement
Disaster recovery procedures prevent the consequences that might be incurred during a defacement.
Endpoint Denial of Service
Attackers' attempts to deny legitimate users access to endpoint services should be prevented.
Network Denial of Service
Attackers' attempts to deny legitimate users access to network services should be prevented.



To View the Compliance Programs available visit Compliance in your Aqua CSPM Console, and select Defaults or Custom to filter the programs displayed, you can also expand the program control details using the Expand Settings toggle.