Detections
Analytics
System Information Discovery
Description
An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Cloud Security | IaaS | Read-only | HTTPS | Cloud Environment variables | ||
| Tenable Vulnerability Management | Advanced Network Scan | Windows machines | Authenticated Scan | SMB | Environment Variables | Plugin ID: 92364 |
References
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Discovery
Technique: System Information Discovery
Platform: CLOUD, Windows
Products Required: Tenable Cloud Security
Tenable Release Date: 2024 Q4