CCC.Monitor.TH04: External Monitoring Access
Threat ID:CCC.Monitor.TH04
Title:External Monitoring Access
Description:
If an external monitoring system is compromised, it acts as a trusted external remote service and can then access internal services which would otherwise not be accessible directly.
External Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
MITRE-ATT&CK | T1133 | 0 | External Remote Services |
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.Monitor.C03 | Access External Monitoring | Control access to Synthetic monitoring solutions using API keys or Certificate based authentication to ensure they don't become an attack path, preventing monitoring systems from forging network requests to gain access to internal systems. | Identity and Access Management | 1 | 4 | 1 |