Attack path
- 1 minute to read
- Print
- DarkLight
- PDF
Attack path
- 1 minute to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
In this document, you’ll find all the information about Cloud Entitlement’s Attack path page. This page shows which actions or permissions can be used to trigger an attack, escalate privileges, or exploit a vulnerability within your connected AWS accounts. You can access a detailed map on how each policy is attached to a user or group to mitigate the vulnerability accordingly.
Path to access
- Access Cloud Security.
- On the home page, click Access in the Cloud Entitlements block.
- Click Attack path on the left menu.
Attack paths list
| Item | Description |
|---|---|
| Attack | Contains the name of the policies identified as vulnerable to attacks. There are four policies in total: Attach Policy, Create Policy Version, Set Default Policy Version, and Update Assume Role. |
| Identities | Contains the number of identities that were assigned the vulnerable policy. |
By clicking on any policy from the list, you’ll access the List of identities screen for the selected policy.
List of identities screen
| Item | Description |
|---|---|
| Environment | Contains the AWS account connected to Cloud Entitlements. |
| Type | Indicates the type of the identity. Possible types are: User and Group. |
| Principal | Shows the principal name. |
| Account ID | Shows the AWS account ID. |
| Last scan check | Date/time of the last synchronization between Cloud Entitlements and AWS. |
By clicking on any principal from the list, you’ll access the Identity details modal for the selected principal.
Identity details modal
The Identity details modal shows a graphical representation of how the identity has the attached policy. It shows a map of the Services, Users, Groups, Actions, Resources, Roles, ****and Policies that lead to the attack path. This interactive map can be used to identify which action must be taken to mitigate the vulnerability, be it detaching a policy or a role from a user, removing a user from a group, or reconfiguring resources or actions.
| Item | Description |
|---|---|
| Filter | Field to filter the search for elements on the map. When a term matches the inserted pattern, the elements are visually highlighted. |
| Settings | Button to expand the map configuration options. |
| Layouts | Field to select the map model. There are three models: Radial out 2D, Force directed 2D, and Force directed 3D. |
| Zoom in | Button to zoom in on the map. |
| Zoom out | Button to zoom out on the map. |
| Reset camera | Button to reset the zoom to the initial state. Does not change the chosen layout. |
Was this article helpful?
