If an external monitoring system is compromised, it acts as a trusted external remote service and can then access internal services which would otherwise not be accessible directly.
Management / Monitoring / Threats / DEV
External Monitoring Access
CCC.Monitor.TH04
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Monitoring.CP06 | CCC.Monitoring.CP06 |
Related Controls
| ID | Title | Description |
|---|---|---|
| CCC.Monitor.CN03 | Access External Monitoring | Control access to Synthetic monitoring solutions using API keys or Certificate based authentication to ensure they don't become an attack path, preventing monitoring systems from forging network requests to gain access to internal systems. |
External Mappings
| Framework | ID | Remarks |
|---|---|---|
| MITRE-ATT&CK | T1133 | External Remote Services |