CCC.Core.F09: Metrics Publication
Capability ID:CCC.Core.F09
Title:Metrics Publication
Description:The service automatically publishes structured, numeric, time-series data points related to
the performance, availability, and health of the service or its child resources.
Mapped Threats
| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.Core.TH09 | Runtime Logs are Read by Unauthorized Entities | Unauthorized access to logs may expose valuable information about the system's configuration, operations, and security mechanisms. This could jeopardize system availability through the exposure of vulnerabilities and support the planning of attacks on the service, system, or network. If logs are not adequately sanitized, this may also directly impact the confidentiality of sensitive data. | 1 | 1 | 0 |
| CCC.Core.TH10 | State-change Events are Read by Unauthorized Entities | Unauthorized access to state-change events can reveal information about the system's design and usage patterns. This opens the system up to attacks of opportunity and support the planning of attacks on the service, system, or network. | 1 | 1 | 0 |
| CCC.Core.TH16 | Publications are Disabled | Publication of events, metrics, and runtime logs may be disabled, leading to a lack of expected security and operational information being shared. This can impact system availability by delaying the detection of incidents while also impacting system design decisions and enforcement of operational thresholds, such as autoscaling or cost management. | 1 | 1 | 0 |