← Back to Explore
T1619
Cloud Storage Object Discovery
Adversaries may enumerate objects in cloud storage infrastructure. Adversaries may use this information during automated discovery to shape follow-on behaviors, including requesting all or specific objects from cloud storage. Similar to [File and Directory Discovery](https://attack.mitre.org/techniques/T1083) on a local host, after identifying available storage services (i.e. [Cloud Infrastructure Discovery](https://attack.mitre.org/techniques/T1580)) adversaries may access the contents/objects...
IaaS
6
Detections
2
Sources
0
Threat Actors
BY SOURCE
5elastic1sigma
PROCEDURES (5)
Cloud Monitoring2 detections
Auto-extracted: 2 detections for cloud monitoring
Credential1 detections
Auto-extracted: 1 detections for credential
Aws1 detections
Auto-extracted: 1 detections for aws
Credential1 detections
Auto-extracted: 1 detections for credential
Aws1 detections
Auto-extracted: 1 detections for aws
DETECTIONS (6)
AWS S3 Bucket Enumeration or Brute Force
elasticlow
AWS S3 Rapid Bucket Posture API Calls from a Single Principal
elasticlow
AWS S3 Unauthenticated Bucket Access by Rare Source
elasticmedium
Azure Blob Storage Container Access Level Modified
elasticlow
M365 SharePoint Search for Sensitive Content
elasticlow
Potential Bucket Enumeration on AWS
sigmalow