Detections
Analytics
Remote Services: Cloud Services
Description
Adversaries may log into accessible cloud services within a compromised environment using Valid Accounts that are synchronized with or federated to on-premises user identities. The adversary may then perform management actions or access cloud-hosted resources as the logged-on user.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Cloud Security | Entra ID | Read-only | API | Azure Manage Identity Services |
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Lateral Movement
Technique: Remote Services
Sub-Technique: Cloud Services
Platform: Azure
Products Required: Tenable Cloud Security
Tenable Release Date: 2024 Q3