Module: Google::Cloud::SecurityCenter::V1::MitreAttack::Technique

Defined in:

proto_docs/google/cloud/securitycenter/v1/mitre_attack.rb

Overview

MITRE ATT&CK techniques that can be referenced by SCC findings. See: https://attack.mitre.org/techniques/enterprise/ Next ID: 65

Constant Summary

TECHNIQUE_UNSPECIFIED =

Unspecified value.

0

MASQUERADING =

T1036

49

MATCH_LEGITIMATE_NAME_OR_LOCATION =

T1036.005

50

BOOT_OR_LOGON_INITIALIZATION_SCRIPTS =

T1037

37

STARTUP_ITEMS =

T1037.005

38

NETWORK_SERVICE_DISCOVERY =

T1046

32

PROCESS_DISCOVERY =

T1057

56

COMMAND_AND_SCRIPTING_INTERPRETER =

T1059

6

UNIX_SHELL =

T1059.004

7

PYTHON =

T1059.006

59

EXPLOITATION_FOR_PRIVILEGE_ESCALATION =

T1068

63

PERMISSION_GROUPS_DISCOVERY =

T1069

18

CLOUD_GROUPS =

T1069.003

19

INDICATOR_REMOVAL_FILE_DELETION =

T1070.004

64

APPLICATION_LAYER_PROTOCOL =

T1071

45

DNS =

T1071.004

46

SOFTWARE_DEPLOYMENT_TOOLS =

T1072

47

VALID_ACCOUNTS =

T1078

14

DEFAULT_ACCOUNTS =

T1078.001

35

LOCAL_ACCOUNTS =

T1078.003

15

CLOUD_ACCOUNTS =

T1078.004

16

PROXY =

T1090

9

EXTERNAL_PROXY =

T1090.002

10

MULTI_HOP_PROXY =

T1090.003

11

ACCOUNT_MANIPULATION =

T1098

22

ADDITIONAL_CLOUD_CREDENTIALS =

T1098.001

40

SSH_AUTHORIZED_KEYS =

T1098.004

23

ADDITIONAL_CONTAINER_CLUSTER_ROLES =

T1098.006

58

INGRESS_TOOL_TRANSFER =

T1105

3

NATIVE_API =

T1106

4

BRUTE_FORCE =

T1110

44

SHARED_MODULES =

T1129

5

ACCESS_TOKEN_MANIPULATION =

T1134

33

TOKEN_IMPERSONATION_OR_THEFT =

T1134.001

39

EXPLOIT_PUBLIC_FACING_APPLICATION =

T1190

27

DOMAIN_POLICY_MODIFICATION =

T1484

30

DATA_DESTRUCTION =

T1485

29

SERVICE_STOP =

T1489

52

INHIBIT_SYSTEM_RECOVERY =

T1490

36

RESOURCE_HIJACKING =

T1496

8

NETWORK_DENIAL_OF_SERVICE =

T1498

17

CLOUD_SERVICE_DISCOVERY =

T1526

48

STEAL_APPLICATION_ACCESS_TOKEN =

T1528

42

ACCOUNT_ACCESS_REMOVAL =

T1531

51

STEAL_WEB_SESSION_COOKIE =

T1539

25

CREATE_OR_MODIFY_SYSTEM_PROCESS =

T1543

24

ABUSE_ELEVATION_CONTROL_MECHANISM =

T1548

34

UNSECURED_CREDENTIALS =

T1552

13

MODIFY_AUTHENTICATION_PROCESS =

T1556

28

IMPAIR_DEFENSES =

T1562

31

DISABLE_OR_MODIFY_TOOLS =

T1562.001

55

EXFILTRATION_OVER_WEB_SERVICE =

T1567

20

EXFILTRATION_TO_CLOUD_STORAGE =

T1567.002

21

DYNAMIC_RESOLUTION =

T1568

12

LATERAL_TOOL_TRANSFER =

T1570

41

MODIFY_CLOUD_COMPUTE_INFRASTRUCTURE =

T1578

26

CREATE_SNAPSHOT =

T1578.001

54

CLOUD_INFRASTRUCTURE_DISCOVERY =

T1580

53

OBTAIN_CAPABILITIES =

T1588

43

ACTIVE_SCANNING =

T1595

1

SCANNING_IP_BLOCKS =

T1595.001

2

CONTAINER_ADMINISTRATION_COMMAND =

T1609

60

ESCAPE_TO_HOST =

T1611

61

CONTAINER_AND_RESOURCE_DISCOVERY =

T1613

57

STEAL_OR_FORGE_AUTHENTICATION_CERTIFICATES =

T1649

62