Class: PrivilegeAttackInfo

The Privilege Attack Info object groups privileges by the potential attack they

could enable. It maps specific privileges to MITRE ATT&CK techniques, helping

identify security risks associated with granted permissions.

 classDiagram
    class PrivilegeAttackInfo
    click PrivilegeAttackInfo href "../PrivilegeAttackInfo/"
      Object <|-- PrivilegeAttackInfo
        click Object href "../Object/"

      PrivilegeAttackInfo : attack





        PrivilegeAttackInfo --> "1" Attack : attack
        click Attack href "../Attack/"



      PrivilegeAttackInfo : privilege_info_list





        PrivilegeAttackInfo --> "1..*" PrivilegeInfo : privilege_info_list
        click PrivilegeInfo href "../PrivilegeInfo/"

Inheritance

OcsfObject
- Object
  - PrivilegeAttackInfo

Slots

Name	Cardinality and Range	Description	Inheritance
attack	1 Attack	The MITRE ATT&CK technique that these privileges could enable	direct
privilege_info_list	1..* PrivilegeInfo	The list of privilege information objects, where each element describes a	direct

Usages

used by	used in	type	used
ServicePrivilegeAnalysis	privilege_attack_info_list	range	PrivilegeAttackInfo

In Subsets

objects_subset

Aliases

Privilege Attack Info

Identifier and Mapping Information

Schema Source

from schema: https://w3id.org/lmodel/ocsf

Mappings

Mapping Type	Mapped Value
self	ocsf:PrivilegeAttackInfo
native	ocsf:PrivilegeAttackInfo

LinkML Source

Direct

name: PrivilegeAttackInfo
description: 'The Privilege Attack Info object groups privileges by the potential
  attack they

  could enable. It maps specific privileges to MITRE ATT&CK techniques, helping

  identify security risks associated with granted permissions.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Privilege Attack Info
is_a: Object
slots:
- attack
- privilege_info_list
slot_usage:
  attack:
    name: attack
    description: The MITRE ATT&CK technique that these privileges could enable.
    required: true
  privilege_info_list:
    name: privilege_info_list
    description: 'The list of privilege information objects, where each element describes
      a

      specific privilege that could enable the associated attack technique.'
    required: true

Induced

name: PrivilegeAttackInfo
description: 'The Privilege Attack Info object groups privileges by the potential
  attack they

  could enable. It maps specific privileges to MITRE ATT&CK techniques, helping

  identify security risks associated with granted permissions.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Privilege Attack Info
is_a: Object
slot_usage:
  attack:
    name: attack
    description: The MITRE ATT&CK technique that these privileges could enable.
    required: true
  privilege_info_list:
    name: privilege_info_list
    description: 'The list of privilege information objects, where each element describes
      a

      specific privilege that could enable the associated attack technique.'
    required: true
attributes:
  attack:
    name: attack
    description: The MITRE ATT&CK technique that these privileges could enable.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - MITRE ATT&CK® Details
    rank: 1000
    alias: attack
    owner: PrivilegeAttackInfo
    domain_of:
    - PrivilegeAttackInfo
    range: Attack
    required: true
  privilege_info_list:
    name: privilege_info_list
    description: 'The list of privilege information objects, where each element describes
      a

      specific privilege that could enable the associated attack technique.'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Privilege Info List
    rank: 1000
    alias: privilege_info_list
    owner: PrivilegeAttackInfo
    domain_of:
    - PrivilegeAttackInfo
    range: PrivilegeInfo
    required: true
    multivalued: true