Skip to content

Hide Navigation Hide TOC

Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd)

Data inventorying identifies and records the schemas, formats, volumes, and locations of data stored and used on the organization's architecture.

Cluster A Galaxy A Cluster B Galaxy B Level
Spearphishing Attachment - T1566.001 (2e34237d-8574-43f6-aace-ae2915de8597) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Add-ins - T1137.006 (34f1d81d-fe88-4f97-bd3b-a3164536255d) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Elevated Execution with Prompt - T1548.004 (b84903f0-c7d5-435d-a69e-de47cc3578c0) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Hidden File System - T1564.005 (dfebc3b7-d19d-450b-81c7-6dafe4184c04) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Code Repositories - T1213.003 (cff94884-3b1c-4987-a70b-6d5643c621c3) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND Component Object Model Hijacking - T1546.015 (bc0f5e80-91c0-4e04-9fbb-e4e332c85dae) Attack Pattern 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND /etc/passwd and /etc/shadow - T1003.008 (d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4) Attack Pattern 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND VBA Stomping - T1564.007 (c898c4b5-bf36-4e6e-a4ad-5b8c4c13e35b) Attack Pattern 1
Security Account Manager - T1003.002 (1644e709-12d2-41e5-a60f-3470991f5011) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Internal Spearphishing - T1534 (9e7452df-5144-4b6e-b04a-b66dd4016747) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Query Registry - T1012 (c32f7008-9fea-41f7-8366-5eb9b74bd896) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Rogue Domain Controller - T1207 (564998d8-ab3e-4123-93fb-eccaa6b9714a) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
System Owner/User Discovery - T1033 (03d7999c-1f4c-42cc-8373-e7690d318104) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Credentials in Registry - T1552.002 (341e222a-a6e3-4f6f-b69c-831d792b1580) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Securityd Memory - T1555.002 (1a80d097-54df-41d8-9d33-34e755ec5e72) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Modify Registry - T1112 (57340c81-c025-4189-8fa0-fc7ede51bae4) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND Local Email Collection - T1114.001 (1e9eb839-294b-48cc-b0d3-c45555a2a004) Attack Pattern 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND Outlook Forms - T1137.003 (a9e2cea0-c805-4bf8-9e31-f5f0513a3634) Attack Pattern 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND MMC - T1218.014 (ffbcfdb0-de22-4106-9ed3-fc23c8a01407) Attack Pattern 1
Image File Execution Options Injection - T1546.012 (6d4a7fb3-5a24-42be-ae61-6728a2b581f6) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Spearphishing Link - T1566.002 (2b742742-28c3-4e1b-bab7-8350d6300fa7) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
LSA Secrets - T1003.004 (1ecfdab8-7d59-4c98-95d4-dc41970f57fc) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Mshta - T1218.005 (840a987a-99bd-4a80-a5c9-0cb2baa6cade) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
System Language Discovery - T1614.001 (c1b68a96-3c48-49ea-a6c0-9b27359f9c19) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 1
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0) Attack Pattern 1
Keychain - T1555.001 (1eaebf46-e361-4437-bc23-d5d65a3b92e3) Attack Pattern Data Inventory (9a661e49-0ad0-59ce-a2fe-0248b0bc04cd) MITRE D3FEND 1
Phishing - T1566 (a62a8db3-f23a-4d8f-afd6-9dbc77e7813b) Attack Pattern Spearphishing Attachment - T1566.001 (2e34237d-8574-43f6-aace-ae2915de8597) Attack Pattern 2
Credentials from Web Browsers - T1555.003 (58a3e6aa-4453-4cc8-a51f-4befe80b31a8) Attack Pattern Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 2
Add-ins - T1137.006 (34f1d81d-fe88-4f97-bd3b-a3164536255d) Attack Pattern Office Application Startup - T1137 (2c4d4e92-0ccf-4a97-b54c-86d662988a53) Attack Pattern 2
Elevated Execution with Prompt - T1548.004 (b84903f0-c7d5-435d-a69e-de47cc3578c0) Attack Pattern Abuse Elevation Control Mechanism - T1548 (67720091-eee3-4d2d-ae16-8264567f6f5b) Attack Pattern 2
Hidden File System - T1564.005 (dfebc3b7-d19d-450b-81c7-6dafe4184c04) Attack Pattern Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) Attack Pattern 2
Data from Information Repositories - T1213 (d28ef391-8ed4-45dc-bc4a-2f43abf54416) Attack Pattern Code Repositories - T1213.003 (cff94884-3b1c-4987-a70b-6d5643c621c3) Attack Pattern 2
Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) Attack Pattern Component Object Model Hijacking - T1546.015 (bc0f5e80-91c0-4e04-9fbb-e4e332c85dae) Attack Pattern 2
/etc/passwd and /etc/shadow - T1003.008 (d0b4fcdb-d67d-4ed2-99ce-788b12f8c0f4) Attack Pattern OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern 2
VBA Stomping - T1564.007 (c898c4b5-bf36-4e6e-a4ad-5b8c4c13e35b) Attack Pattern Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) Attack Pattern 2
Security Account Manager - T1003.002 (1644e709-12d2-41e5-a60f-3470991f5011) Attack Pattern OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern 2
Credentials in Registry - T1552.002 (341e222a-a6e3-4f6f-b69c-831d792b1580) Attack Pattern Unsecured Credentials - T1552 (435dfb86-2697-4867-85b5-2fef496c0517) Attack Pattern 2
Securityd Memory - T1555.002 (1a80d097-54df-41d8-9d33-34e755ec5e72) Attack Pattern Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 2
Local Email Collection - T1114.001 (1e9eb839-294b-48cc-b0d3-c45555a2a004) Attack Pattern Email Collection - T1114 (1608f3e1-598a-42f4-a01a-2e252e81728f) Attack Pattern 2
Office Application Startup - T1137 (2c4d4e92-0ccf-4a97-b54c-86d662988a53) Attack Pattern Outlook Forms - T1137.003 (a9e2cea0-c805-4bf8-9e31-f5f0513a3634) Attack Pattern 2
System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern MMC - T1218.014 (ffbcfdb0-de22-4106-9ed3-fc23c8a01407) Attack Pattern 2
Image File Execution Options Injection - T1546.012 (6d4a7fb3-5a24-42be-ae61-6728a2b581f6) Attack Pattern Event Triggered Execution - T1546 (b6301b64-ef57-4cce-bb0b-77026f14a8db) Attack Pattern 2
Spearphishing Link - T1566.002 (2b742742-28c3-4e1b-bab7-8350d6300fa7) Attack Pattern Phishing - T1566 (a62a8db3-f23a-4d8f-afd6-9dbc77e7813b) Attack Pattern 2
LSA Secrets - T1003.004 (1ecfdab8-7d59-4c98-95d4-dc41970f57fc) Attack Pattern OS Credential Dumping - T1003 (0a3ead4e-6d47-4ccb-854c-a6a4f9d96b22) Attack Pattern 2
Mshta - T1218.005 (840a987a-99bd-4a80-a5c9-0cb2baa6cade) Attack Pattern System Binary Proxy Execution - T1218 (457c7820-d331-465a-915e-42f85500ccc4) Attack Pattern 2
System Language Discovery - T1614.001 (c1b68a96-3c48-49ea-a6c0-9b27359f9c19) Attack Pattern System Location Discovery - T1614 (c877e33f-1df6-40d6-b1e7-ce70f16f4979) Attack Pattern 2
Windows Service - T1543.003 (2959d63f-73fd-46a1-abd2-109d7dcede32) Attack Pattern Create or Modify System Process - T1543 (106c0cf6-bf73-4601-9aa8-0945c2715ec5) Attack Pattern 2
Hide Artifacts - T1564 (22905430-4901-4c2a-84f6-98243cb173f8) Attack Pattern Hidden Window - T1564.003 (cbb66055-0325-4111-aca0-40547b6ad5b0) Attack Pattern 2
Keychain - T1555.001 (1eaebf46-e361-4437-bc23-d5d65a3b92e3) Attack Pattern Credentials from Password Stores - T1555 (3fc9b85a-2862-4363-a64d-d692e3ffbee0) Attack Pattern 2