We're updating the issue view to help you get more done. 

Network Service Scanning

Description

Adversaries may attempt to get a listing of services running on remote hosts, including those that may be vulnerable to remote software exploitation. Methods to acquire this information include port scans and vulnerability scans using tools that are brought onto a system.

Within cloud environments, adversaries may attempt to discover services running on other cloud hosts or cloud services enabled within the environment. Additionally, if the cloud environment is connected to a on-premises environment, adversaries may be able to identify services running on non-cloud systems.

id

T1046

tactic

discovery

datasources

Process command-line parameters
Network protocol analysis
Netflow/Enclave netflow
Process use of network
Packet capture

maturity

Not Tracked

Assignee

Unassigned
Configure