Permission Groups Discovery:Cloud Groups(Azure)

Description

Adversaries may attempt to find cloud groups and permission settings. The knowledge of cloud permission groups can help adversaries determine the particular roles of users and groups within an environment, as well as which users are associated with a particular group.

Products, Sensors, and Dependencies

ProductDependenciesData sourceAccess requiredProtocolData CollectedNotes
Tenable Identity ExposureEntra IDRead-onlyHTTPSAzure Groups permissions

Attack Path Technique Details

Framework: MITRE ATT&CK

Family: Discovery

Sub-Technique: Cloud Groups

Platform: Entra ID

Products Required: Tenable Identity Exposure

Tenable Release Date: 2024 Q2