Synopsis
Activation Period |
14 Days |
Training Period |
30 Days |
Test Period |
10 Minutes |
Deduplication Period |
5 Days |
Required Data |
|
Detection Modules |
Cloud |
Detector Tags |
|
ATT&CK Tactic |
|
ATT&CK Technique |
|
Severity |
Informational |
Description
An identity attempted to discover cloud objects within storage buckets.
This might be an attempt by an adversary to find sensitive data stored in cloud storage, which could lead to data theft.
Attacker's Goals
Access sensitive data stored in cloud infrastructure.
Investigative actions
- Check the identity's role designation in the organization.
- Identify which storage buckets were enumerated and whether they contained sensitive information.