AE04 Cloud Application Abuse
| Context | Remote user interacts with a cloud application |
| Problem | Malicious usage (abuse) of cloud application from the Internet (e.g. sending spam, participating botnet, mining) after gain control on it |
| Solution | Apply intrusion detection; Apply audit of logs and events; |
| References | TIS.020 [BDU] |
| Type | ns:type_ThreatPattern |
| Victim | su:comp_CloudApplication |
| Aggressor | su:comp_RemoteUser |
| Aggr. role | ns:role_Client |
| STRIDE | |
| Threat | ns:threat_txUnauthorizedAccess; ns:threat_txUnsafeCodeExecution; ns:threat_txResourceExhaustion |