Type
Identity Mgmt.
D3FEND Tactic
Execution Isolation (D3-EI)Credential Hardening (D3-CH)
TL;DR
Controls user and machine access to resources within an organization.
Description
Identity and Access Management policies that define permissions and rules to control users' access to resources within an organization.
Techniques
Valid creds abuseAbuse access to existing KMS keyAbuse trust and privileges across accountsSSM-facilitated remote desktop connectionIAM privilege escalation