LoadBalancer Security Group Modification (7a4409fc-f8ca-45f6-8006-127d779eaad9)
Detects changes to the security groups associated with an Elastic Load Balancer (ELB) or Application Load Balancer (ALB). This can indicate that a misconfiguration allowing more traffic into the system than required, or could indicate that an attacker is attempting to enable new connections into a VPC or subnet controlled by the account.
| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
|---|---|---|---|---|
| Exploit Public-Facing Application - T1190 (3f886f2a-874f-4333-b794-aa6075009b1c) | Attack Pattern | LoadBalancer Security Group Modification (7a4409fc-f8ca-45f6-8006-127d779eaad9) | Sigma-Rules | 1 |