IAMObject
notPresent
attemptAssume
successfulAssume
assume
deny
write
attemptLockout
successfulLockout
lockout
Identity
lockoutFromCredentials
Privileges
Group
lockoutFromMembers
Credentials
notDisclosed
notGuessable
unique
notPhishable
read
useLeakedCredentials
attemptCredentialsReuse
credentialsReuse
use
attemptPropagateOneCredentialCompromised
propagateOneCredentialCompromised
attemptCredentialTheft
credentialTheft
weakCredentials
guessCredentialsFromHash
guessCredentials
Information
delete
extract
attemptReadFromReplica
attemptWriteFromReplica
attemptDeleteFromReplica
attemptDenyFromReplica
attemptExtractFromReplica
Data
authorizedAccessFromApplication
bypassPayloadInspectionFromEncryptedData
accessUnencryptedData
accessUnsignedData
accessSpoofedData
accessDecryptedData
attemptApplicationRespondConnect
applicationRespondConnect
authorizedApplicationRespondConnectFromApplication
authorizedApplicationRespondConnectFromIAM
authorizedApplicationRespondConnect
attemptRead
successfulRead
authorizedReadFromIAM
authorizedReadFromApplication
authorizedRead
attemptWrite
successfulWrite
authorizedWriteFromIAM
authorizedWriteFromApplication
authorizedWrite
attemptDelete
successfulDelete
authorizedDeleteFromIAM
authorizedDeleteFromApplication
authorizedDelete
attemptDeny
successfulDeny
denyFromLockout
attemptReverseReach
reverseReach
Hardware
attemptUseVulnerabilityFromPhysicalAccess
successfulUseVulnerabilityFromPhysicalAccess
attemptUseVulnerabilityFromSoftwareFullAccess
useVulnerability
attemptSpreadWormThroughRemovableMedia
successfulSpreadWormThroughRemovableMedia
spreadWormThroughRemovableMedia
fullAccess
attemptSupplyChainAttack
successfulSupplyChainAttack
supplyChainAttack
bypassSupplyChainAuditing
supplyChainAuditingBypassed
physicalAccess
attemptHardwareModifications
successfulHardwareModifications
hardwareModifications
hardwareModificationsProtection
bypassHardwareModificationsProtection
hardwareModificationsProtectionBypassed
attemptUnsafeUserActivity
successfulUnsafeUserActivity
unsafeUserActivity
modify
SoftwareProduct
compromiseApplications
readApplications
modifyApplications
denyApplications
Application
attemptUseVulnerability
successfulUseVulnerability
successfulReverseReach
localConnect
networkConnectUninspected
networkConnectInspected
networkConnect
specificAccessNetworkConnect
accessNetworkAndConnections
attemptNetworkConnectFromResponse
networkConnectFromResponse
specificAccessFromLocalConnection
specificAccessFromNetworkConnection
specificAccess
bypassContainerization
authenticate
specificAccessAuthenticate
localAccess
networkAccess
physicalAccessAchieved
attackerUnsafeUserActivityCapability
attackerUnsafeUserActivityCapabilityWithReverseReach
attackerUnsafeUserActivityCapabilityWithoutReverseReach
attemptFullAccessFromSupplyChainCompromise
fullAccessFromSupplyChainCompromise
attemptReadFromSoftProdVulnerability
attemptModifyFromSoftProdVulnerability
attemptDenyFromSoftProdVulnerability
softwareProductVulnerabilityLocalAccessAchieved
softwareProductVulnerabilityNetworkAccessAchieved
softwareProductVulnerabilityPhysicalAccessAchieved
softwareProductVulnerabilityLowPrivilegesAchieved
softwareProductVulnerabilityHighPrivilegesAchieved
softwareProductVulnerabilityUserInteractionAchieved
attemptSoftwareProductAbuse
softwareProductAbuse
readFromSoftProdVulnerability
modifyFromSoftProdVulnerability
denyFromSoftProdVulnerability
attemptApplicationRespondConnectThroughData
successfulApplicationRespondConnectThroughData
applicationRespondConnectThroughData
attemptAuthorizedApplicationRespondConnectThroughData
successfulAuthorizedApplicationRespondConnectThroughData
authorizedApplicationRespondConnectThroughData
specificAccessRead
attemptModify
successfulModify
specificAccessModify
specificAccessDelete
denyFromNetworkingAsset
IDPS
bypassEffectiveness
effectivenessBypassed
PhysicalZone
gainPhysicalAccess
Network
bypassEavesdropDefenseFromPhysicalAccess
bypassAdversaryInTheMiddleDefenseFromPhysicalAccess
bypassAccessControl
accessControlBypassed
attemptAccessUninspected
attemptAccessInspected
successfulAccessUninspected
successfulAccessInspected
accessUninspected
accessInspected
networkForwardingUninspected
networkForwardingInspected
accessNetworkData
eavesdropDefense
bypassEavesdropDefense
eavesdropDefenseBypassed
attemptEavesdrop
successfulEavesdrop
eavesdrop
adversaryInTheMiddleDefense
bypassAdversaryInTheMiddleDefense
adversaryInTheMiddleDefenseBypassed
attemptAdversaryInTheMiddle
successfulAdversaryInTheMiddle
adversaryInTheMiddle
RoutingFirewall
ConnectionRule
restricted
payloadInspection
bypassRestricted
restrictedBypassed
bypassPayloadInspection
payloadInspectionBypassed
attemptAccessNetworksUninspected
attemptAccessNetworksInspected
successfulAccessNetworksUninspected
successfulAccessNetworksInspected
accessNetworksUninspected
accessNetworksInspected
attemptConnectToApplicationsUninspected
attemptConnectToApplicationsInspected
connectToApplicationsUninspected
connectToApplicationsInspected
User
noPasswordReuse
noRemovableMediaUsage
securityAwareness
bypassSecurityAwareness
securityAwarenessBypassed
oneCredentialCompromised
passwordReuseCompromise
attemptSocialEngineering
successfulSocialEngineering
socialEngineering
attemptDeliverMaliciousRemovableMedia
successfulDeliverMaliciousRemovableMedia
deliverMaliciousRemovableMedia
phishUser
Vulnerability
attemptAbuse
abuse
attemptExploit
exploit
impact
SoftwareVulnerability
inherentUserInteraction
networkAccessAchieved
localAccessAchieved
lowPrivilegesAchieved
highPrivilegesAchieved
userInteractionAchieved
exploitTrivially
exploitWithEffort
HardwareVulnerability
Contents:
socialEngineering¶