← Back to Explore
T1538
Cloud Service Dashboard
An adversary may use a cloud service dashboard GUI with stolen credentials to gain useful information from an operational cloud environment, such as specific services, resources, and features. For example, the GCP Command Center can be used to view all assets, review findings of potential security risks, and run additional queries, such as finding public IP addresses and open ports.(Citation: Google Command Center Dashboard) Depending on the configuration of the environment, an adversary may be...
IaaSSaaSOffice SuiteIdentity Provider
2
Detections
2
Sources
1
Threat Actors
BY SOURCE
1elastic1splunk_escu
PROCEDURES (2)
Service Monitoring1 detections
Auto-extracted: 1 detections for service monitoring
Script Execution Monitoring1 detections
Auto-extracted: 1 detections for script execution monitoring