This repository has been archived by the owner on Apr 3, 2024. It is now read-only.
SecretManager.yaml
version: 1
ATT&CK version: 10
creation date: 03/27/2022
last update: 04/08/2022
name: Secret Manager
contact: ctid@mitre-engenuity.org
organization: Center for Threat Informed Defense (CTID)
platform: GCP
tags:
  - Data Security
description: >-
  Secret Manager allows you to store, manage, and access secrets as binary blobs or text strings.
  Secret Manager works well for storing configuration information such as database passwords, API
  keys, or TLS certificates needed by an application at runtime.
techniques:
  - id: T1528
    name: Steal Application Access Token
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control can protect against attackers stealing application access tokens if the
          tokens are stored within Secret Manager. Secret Manager significantly raises the bar for
          access to stored tokens by requiring an authenticated principal that holds an IAM role
          granting access to the secret. Applications may have to be modified to retrieve tokens
          from Secret Manager at runtime, and this is not always possible; once a token has been
          retrieved it is held by the application and is outside the scope of this control.
  - id: T1555
    name: Credentials from Password Stores
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control may provide a more secure location for storing passwords. If a cloud user
          account, endpoint, or application is compromised, the attacker's access to passwords
          stored in Secret Manager is limited to the secrets that the compromised identity is
          authorized to read.
  - id: T1552
    name: Unsecured Credentials
    technique-scores:
      - category: Protect
        value: Partial
        comments: >-
          This control provides a central, secure location for storing credentials, reducing the
          likelihood that attackers discover credentials left unsecured in configuration files,
          source code, or environment variables.
  - id: T1040
    name: Network Sniffing
    technique-scores:
      - category: Protect
        value: Minimal
        comments: >-
          This control provides secure methods for accessing secrets and passwords (the Secret
          Manager API is accessed over TLS). This can reduce the incidence of credentials and other
          authentication material being transmitted in clear text or with weak encryption. Any
          communication between applications or endpoints after the secret has been retrieved
          from Secret Manager is outside the scope of this control and may not be secure.
references:
  - 'https://cloud.google.com/secret-manager/docs/overview'
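The mappings above (T1552, T1555, T1528) all rest on the same property: the credential lives only in Secret Manager and can be read only by an identity that holds the accessor role on that specific secret. The following Terraform configuration is an added example of that deployment pattern; it is not part of the CTID mapping file or of Google's documentation. The project ID, service-account name and secret name are assumed placeholders, and the secret value is supplied as a sensitive input variable rather than written into the configuration.

```hcl
# Added example, not part of the CTID mapping. Deploys one secret with
# least-privilege access and Data Access audit logging in GCP Secret Manager.
# "example-project", "example-app" and "example-db-password" are placeholders.

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = ">= 5.0"
    }
  }
}

provider "google" {
  project = "example-project"   # assumed placeholder project ID
  region  = "us-central1"
}

# The secret value is passed in at apply time and marked sensitive so it is
# redacted from plan output and never committed next to this configuration.
variable "db_password" {
  type      = string
  sensitive = true
}

# Dedicated runtime identity for the workload that needs the secret. Binding
# the accessor role to a purpose-built service account, rather than to a user
# or a shared default service account, limits what a compromised identity
# can reach (T1555).
resource "google_service_account" "app" {
  account_id   = "example-app"
  display_name = "Example application runtime identity"
}

# Before (T1552 Unsecured Credentials): the password sat in a config file or
# environment variable on the host, readable by anyone with host access.
# After: it is stored only in Secret Manager.
resource "google_secret_manager_secret" "db_password" {
  secret_id = "example-db-password"

  replication {
    auto {}
  }
}

resource "google_secret_manager_secret_version" "db_password" {
  secret      = google_secret_manager_secret.db_password.id
  secret_data = var.db_password
}

# Grant read access on this one secret to this one service account.
# Do not grant roles/secretmanager.secretAccessor at project level: that
# would let a single compromised identity read every secret in the project.
resource "google_secret_manager_secret_iam_member" "app_reads_db_password" {
  secret_id = google_secret_manager_secret.db_password.secret_id
  role      = "roles/secretmanager.secretAccessor"
  member    = "serviceAccount:${google_service_account.app.email}"
}

# The Protect scores above are Partial: an authorized identity that is itself
# compromised can still read the secret. Data Access audit logs record every
# AccessSecretVersion call so that such reads can be detected after the fact.
resource "google_project_iam_audit_config" "secretmanager" {
  project = "example-project"
  service = "secretmanager.googleapis.com"

  audit_log_config {
    log_type = "DATA_READ"
  }
  audit_log_config {
    log_type = "ADMIN_READ"
  }
}
```

At runtime the workload, running as the `example-app` service account, fetches the value with `gcloud secrets versions access latest --secret=example-db-password` or the Secret Manager client library, instead of reading it from a file on disk. As the T1040 and T1528 comments note, what the application does with the value after retrieval (how it is held in memory, where it is sent) is outside Secret Manager's control.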