Select Reports > Portal > Repository > Standard Content > Cloud > CSA > The Treacherous 12.
CSA identifies the hijacking of accounts and services as an ongoing, top threat. Malicious users might hijack accounts by phishing, fraud, and exploiting software vulnerabilities. In the cloud, the hijackers can eavesdrop on organizational activities, manipulate data, and redirect your clients.
To search for potential threats, use the following dashboards and report:
Provides charts of the top 10 vulnerabilities and the number of vulnerabilities over time. This dashboard also includes a table of the vulnerabilities, so you can review the reporting vendor or device, agent severity, asset, and the asset’s zone.
Provides charts that show man in the middle events by time, source address, destination address, source MAC address, and destination MAC address.
Provides charts that show the phishing attacks against the organizations.
Provides charts that show the principals invoked by an API commonly used to discover information associated with AWS accounts.
Lists the events that might be associated with broken authentication (possibly hijacked credentials) and session management issues reported by vulnerability scanners in the organization.