Detections
Analytics
Software Deployment Tools
Description
Adversaries may gain access to and use third-party software suites installed within an enterprise network, such as administration, monitoring, and deployment systems, to move laterally through the network. Access to a network-wide or enterprise-wide endpoint management software system may enable an adversary to reach and execute code on all connected systems.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Identity Exposure | Entra ID | Read-only | HTTPS | Entra ID application permissions and device registrations |
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Execution, Lateral Movement
Technique: Software Deployment Tools
Products Required: Tenable Identity Exposure