Account Hijacking

Select Reports > Portal > Repository > Standard Content > Cloud > CSA > The Treacherous 12.

CSA identifies the hijacking of accounts and services as an ongoing, top threat. Malicious users might hijack accounts by phishing, fraud, and exploiting software vulnerabilities. In the cloud, the hijackers can eavesdrop on organizational activities, manipulate data, and redirect your clients.

Dashboards	Reports
Account Hijacking Vulnerabilities Man in the Middle Attacks Phishing Attacks Principal Invoked an API Commonly used to Discover Information Associated with AWS Account	Broken Authentication and Session Management

Dashboards

Reports

Account Hijacking Vulnerabilities

Man in the Middle Attacks

Phishing Attacks

Principal Invoked an API Commonly used to Discover Information Associated with AWS Account

Broken Authentication and Session Management

Account Hijacking Vulnerabilities: Provides charts of the top 10 vulnerabilities and the number of vulnerabilities over time. This dashboard also includes a table of the vulnerabilities, so you can review the reporting vendor or device, agent severity, asset, and the asset’s zone.
Man in the Middle Attack: Provides charts that show man in the middle events by time, source address, destination address, source MAC address, and destination MAC address.
Phishing Attacks: Provides charts that show the phishing attacks against the organization.
Principal Invoked an API Commonly used to Discover Information Associated with AWS account: Provides charts that show the principals invoked by an API commonly used to discover information associated with AWS accounts.
Broken Authentication and Session Management: Lists the events that might be associated with broken authentication (possibly hijacked credentials) and session management issues reported by vulnerability scanners in the organization.