Detections
Analytics
Cloud Storage Object Discovery
Description
Adversaries may enumerate objects in cloud storage infrastructure. Adversaries may use this information during automated discovery to shape follow-on behaviors, including requesting all or specific objects from cloud storage. Similar to [File and Directory Discovery](https://attack.mitre.org/techniques/T1083) on a local host, after identifying available storage services (i.e. [Cloud Infrastructure Discovery](https://attack.mitre.org/techniques/T1580)) adversaries may access the contents/objects stored in cloud infrastructure.
Products, Sensors, and Dependencies
| Product | Dependencies | Data source | Access required | Protocol | Data Collected | Notes |
|---|---|---|---|---|---|---|
| Tenable Cloud Security | AWS IaaS | Read-only | HTTPS | AWS policies | ||
| Tenable Cloud Security | Azure IaaS | Read-only | HTTPS | Azure role assignment | ||
| Tenable Cloud Security | GCP IaaS | Read-only | HTTPS | GPC permissions |
Attack Path Technique Details
Framework: MITRE ATT&CK
Family: Discovery
Technique: Cloud Storage Object Discovery
Products Required: Tenable Cloud Security