This repository was archived by the owner on Apr 3, 2024. It is now read-only.
CloudKeyManagement.yaml
version: 1
ATT&CK version: 10
creation date: 02/25/2022
name: Cloud Key Management
contact: [email protected]
organization: Center for Threat Informed Defense (CTID)
platform: GCP
tags:
  - Credentials
description: >-
  A cloud-hosted key management service that allows a user to manage symmetric and asymmetric
  cryptographic keys for cloud services the same way one does on-premises. It also manages
  encryption keys on Google Cloud.
techniques:
  - id: T1552
    name: Unsecured Credentials
    technique-scores:
      - category: Protect
        value: Minimal
  - id: T1552.005
    name: Cloud Instance Metadata API
    technique-scores:
      - category: Protect
        value: Significant
        comments: 'This control''s protection is specific to a minority of this technique''s sub-techniques and procedure examples resulting in a Minimal Coverage score and consequently an overall score of Minimal.'
  - id: T1588
    name: Obtain Capabilities
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control manages symmetric and asymmetric cryptographic keys for cloud services and
          protects against theft of credentials, certificates, and keys from the organization.
  - id: T1553
    name: Subvert Trust Controls
    technique-scores:
      - category: Protect
        value: Significant
        comments: Protects against subversion of trust mechanisms and theft of code signing certificates
  - id: T1555
    name: Credentials from Password Stores
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control manages symmetric and asymmetric cryptographic keys for cloud services and
          protects against theft of credentials, certificates, and keys from the organization.
  - id: T1528
    name: Steal Application Access Token
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          Provides protection against attackers stealing application access tokens if they are
          stored within Cloud KMS.
  - id: T1588.003
    name: Code Signing Certificates
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control manages symmetric and asymmetric cryptographic keys for cloud services and
          protects against theft of credentials, certificates, and keys from the organization.
  - id: T1588.004
    name: Digital Certificates
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control manages symmetric and asymmetric cryptographic keys for cloud services and
          protects against theft of credentials, certificates, and keys from the organization.
  - id: T1552.001
    name: Credentials In Files
    technique-scores:
      - category: Protect
        value: Minimal
        comments: >-
          This control's protection is specific to a minority of this technique's sub-techniques and
          procedure examples resulting in a Minimal Coverage score and consequently an overall score
          of Minimal.
  - id: T1552.004
    name: Private Keys
    technique-scores:
      - category: Protect
        value: Minimal
        comments: 'This control''s protection is specific to a minority of this technique''s sub-techniques and procedure examples resulting in a Minimal Coverage score and consequently an overall score of Minimal.'
comments: 'Similar to AWS Key Management Service, AWS Cloud HSM, and Azure KeyVault.'
references:
  - 'https://cloud.google.com/security-key-management'