Cloud & Identity Compromise

Unauthorized access to cloud infrastructure or identity provider through stolen tokens, OAuth abuse, or misconfigured access policies.

Triage

4 procedures

Containment

4 procedures
Sponsored

Preservation

5 procedures

Collection

7 procedures

Analysis

5 procedures

Eradication

4 procedures

Recovery

1 procedure

Post-Incident Review

4 procedures