CCC.Core.TH15: Automated Enumeration and Reconnaissance by Non-human Entities
Threat ID:CCC.Core.TH15
Title:Automated Enumeration and Reconnaissance by Non-human Entities
Description:
Automated processes may be used to gather details about service and child resource elements such as APIs, file systems, or directories. This information can reveal vulnerabilities, misconfigurations, and the network topology, which can be used to plan an attack against the system, the service, or its child resources.
External Mappings
| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
MITRE-ATT&CK | T1580 | 0 | Cloud Infrastructure Discovery |
Controls
| ID | Title | Objective | Control Family | Threat Mappings | Guideline Mappings | Assessment Requirements |
|---|---|---|---|---|---|---|
| CCC.Core.C07 | Alert on Unusual Enumeration Activity | Ensure that logs and associated alerts are generated when unusual enumeration activity is detected that may indicate reconnaissance activities. | Logging & Monitoring | 1 | 4 | 2 |