/ Home /

Threat Patterns

AXXX - Architecture profile, BXXX - Compliance profile, CXXX - Privacy profile (coming soon), DXXX - IaaS Profile

• AA01 Failure Of Remote Service
• AA02 Connection Lost To Remote Service
• AA03 Data Breach By Remote Service
• AA04 Data Loss By Remote Service
• AA05 Spoofing Of Remote Service
• AB01 Failure Of Cloud Application
• AB02 Connection Lost To Cloud Application
• AC01 Malware From Cloud Application
• AC02 Public Network Access To Cloud Application
• AC03 Social Engineering Against Remote User
• AD01 Broken Authentication
• AD02 Broken Access Control
• AD03 Data Breach By Cloud Application
• AD04 Data Loss By Cloud Application
• AD05 Backup Of Cloud Application Lost
• AD06 Backup Of Cloud Application Stolen
• AD07 Logs Of Cloud Application Lost
• AD08 Logs Of Cloud Application Stolen
• AE01 DDoS Attack To Cloud Application
• AE02 EDoS Attack To Cloud Application
• AE03 Network Attacks To Cloud Application
• AE04 Cloud Application Abuse
• AE05 Block Shared Resources Of Cloud Application
• AE06 Disclosure Of Credentials Of Cloud Management Interface
• BA01 Malicious Insider In Cloud Infrastructure
• BA02 Lack Of Reserved Resources For Cloud Application
• BA03 Failure Of Resource Scaling For Cloud Application
• BA04 Hidden Dependencies Of Cloud Infrastructure
• BA05 Lack Of Resource Isolation Of Cloud Application
• BA06 Loss Of Security Control
• BA07 Poor Information Security Processes
• BA08 Audit And Certification Issues
• BA09 Security Issues Of SLA
• BA10 Service Provider Lock-In
• BA11 Software License Issues
• BA12 Confiscation Of Computer Hardware
• BA13 Restrictions Of Forensic Readiness
• BA14 Physical Access Or Theft Of Computer Equipment
• BA15 Destruction Of Data Center
• DB01 Priviledge Escalation
• DB02 Remote Code Execution
• DB03 Network Scanning
• DC01 VM Escape
• DC02 Cross-VM Side Channel
• DC03 Hypervisor Vulnerabilities
• DC04 Unsafe VM Migration
• DC05 Rogue VM Image In Repository
• DC06 Outdated VM Image In Repository
• DC07 Lack Of Network Isolation
• DC08 Unsafe VM Snapshots
• EA01 Host storage use
• EA02 Use of Container Socket
• EB01 Write Access to Volume
• EB02 Data Leak at Storage
• EB03 Data Corruption at Storage
• EC01 Use container management tools
• EC02 Container Escape
• EC03 Container Privilege Escalation
• EC04 Compromised Access Token
• EC05 Data Leak At Transfer
• EC06 Data Corruption At Transfer
• EC07 Channel Destroyed
• ED01 Access to container management interface
• ED02 Exploit Published Network Application
• ED03 Deploy Malicious Container
• ED04 Container Discovery

/ Home /