Class: ServicePrivilegeAnalysis

name: ServicePrivilegeAnalysis
description: 'The Service Privilege Analysis object describes privilege analysis results
  for

  a single cloud service or resource namespace. It provides metrics on privilege

  usage, counts by type, and mappings to potential attack techniques.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Service Privilege Analysis
is_a: Object
slots:
- all_privileges_unused
- analyzed_privileges_count
- execute_count
- last_used_time
- name
- privilege_attack_info_list
- read_count
- unused_privileges_count
- write_count
slot_usage:
  all_privileges_unused:
    name: all_privileges_unused
    description: Indicates whether all privileges within this service are unused.
  analyzed_privileges_count:
    name: analyzed_privileges_count
    description: The total count of privileges analyzed within this service.
  execute_count:
    name: execute_count
    description: The count of execute-type privileges within this service.
  last_used_time:
    name: last_used_time
    description: The most recent time any privilege in this service was used.
  name:
    name: name
    description: 'The service or namespace identifier. Examples: <code>s3</code>,

      <code>ec2</code> (AWS); <code>Microsoft.Storage</code> (Azure);

      <code>storage</code> (GCP).'
    required: true
  privilege_attack_info_list:
    name: privilege_attack_info_list
    description: The list of privilege-to-attack mappings for this service.
  read_count:
    name: read_count
    description: The count of read-type privileges within this service.
  unused_privileges_count:
    name: unused_privileges_count
    description: The count of unused privileges within this service.
  write_count:
    name: write_count
    description: The count of write-type privileges within this service.

name: ServicePrivilegeAnalysis
description: 'The Service Privilege Analysis object describes privilege analysis results
  for

  a single cloud service or resource namespace. It provides metrics on privilege

  usage, counts by type, and mappings to potential attack techniques.'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Service Privilege Analysis
is_a: Object
slot_usage:
  all_privileges_unused:
    name: all_privileges_unused
    description: Indicates whether all privileges within this service are unused.
  analyzed_privileges_count:
    name: analyzed_privileges_count
    description: The total count of privileges analyzed within this service.
  execute_count:
    name: execute_count
    description: The count of execute-type privileges within this service.
  last_used_time:
    name: last_used_time
    description: The most recent time any privilege in this service was used.
  name:
    name: name
    description: 'The service or namespace identifier. Examples: <code>s3</code>,

      <code>ec2</code> (AWS); <code>Microsoft.Storage</code> (Azure);

      <code>storage</code> (GCP).'
    required: true
  privilege_attack_info_list:
    name: privilege_attack_info_list
    description: The list of privilege-to-attack mappings for this service.
  read_count:
    name: read_count
    description: The count of read-type privileges within this service.
  unused_privileges_count:
    name: unused_privileges_count
    description: The count of unused privileges within this service.
  write_count:
    name: write_count
    description: The count of write-type privileges within this service.
attributes:
  all_privileges_unused:
    name: all_privileges_unused
    description: Indicates whether all privileges within this service are unused.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - All Privileges Unused
    rank: 1000
    alias: all_privileges_unused
    owner: ServicePrivilegeAnalysis
    domain_of:
    - ServicePrivilegeAnalysis
    range: boolean
  analyzed_privileges_count:
    name: analyzed_privileges_count
    description: The total count of privileges analyzed within this service.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Analyzed Privileges Count
    rank: 1000
    alias: analyzed_privileges_count
    owner: ServicePrivilegeAnalysis
    domain_of:
    - PermissionAnalysisResult
    - ServicePrivilegeAnalysis
    range: integer
  execute_count:
    name: execute_count
    description: The count of execute-type privileges within this service.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Execute Count
    rank: 1000
    alias: execute_count
    owner: ServicePrivilegeAnalysis
    domain_of:
    - ServicePrivilegeAnalysis
    range: integer
  last_used_time:
    name: last_used_time
    description: The most recent time any privilege in this service was used.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Last Used Time
    rank: 1000
    alias: last_used_time
    owner: ServicePrivilegeAnalysis
    domain_of:
    - PrivilegeInfo
    - ProgrammaticCredential
    - ServicePrivilegeAnalysis
    range: TimestampT
  name:
    name: name
    description: 'The service or namespace identifier. Examples: <code>s3</code>,

      <code>ec2</code> (AWS); <code>Microsoft.Storage</code> (Azure);

      <code>storage</code> (GCP).'
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Name
    rank: 1000
    alias: name
    owner: ServicePrivilegeAnalysis
    domain_of:
    - AnalysisTarget
    - Observable
    - Os
    - Osint
    - Package
    - Parameter
    - PrivilegeInfo
    - San
    - Scim
    - Script
    - ServicePrivilegeAnalysis
    - SoftwareComponent
    - Sso
    - StartupItem
    - ThreatActor
    - Token
    - Entity
    - Resource
    - Account
    - Agent
    - AiModel
    - Aircraft
    - Analytic
    - ApplicationObject
    - Assessment
    - AutonomousSystem
    - Campaign
    - Check
    - CisBenchmark
    - CisBenchmarkResult
    - CisControl
    - ClassifierDetails
    - Container
    - D3fTactic
    - D3fTechnique
    - Database
    - Databucket
    - DomainContact
    - Edge
    - Endpoint
    - Enrichment
    - EnvironmentVariable
    - Evidences
    - Extension
    - Feature
    - File
    - Graph
    - Group
    - HttpCookie
    - HttpHeader
    - Idp
    - Image
    - Job
    - Kernel
    - KeyValueObject
    - LoadBalancer
    - Logger
    - Malware
    - ManagedEntity
    - MessageContext
    - Metric
    - Mitigation
    - NetworkInterface
    - Node
    - Organization
    - PeripheralDevice
    - Policy
    - ProcessEntity
    - Product
    - QueryInfo
    - Reporter
    - ResourceDetails
    - Rule
    - Scan
    - Service
    - SubTechnique
    - Table
    - Tactic
    - Technique
    - Trait
    - TransformationInfo
    - UnmannedAerialSystem
    - User
    - WebResource
    - Device
    - FtpActivity
    - RegValue
    - WinResource
    - WinService
    - PrefetchQuery
    range: string
    required: true
  privilege_attack_info_list:
    name: privilege_attack_info_list
    description: The list of privilege-to-attack mappings for this service.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Privilege Attack Info List
    rank: 1000
    alias: privilege_attack_info_list
    owner: ServicePrivilegeAnalysis
    domain_of:
    - ServicePrivilegeAnalysis
    range: PrivilegeAttackInfo
    multivalued: true
  read_count:
    name: read_count
    description: The count of read-type privileges within this service.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Read Count
    rank: 1000
    alias: read_count
    owner: ServicePrivilegeAnalysis
    domain_of:
    - ServicePrivilegeAnalysis
    range: integer
  unused_privileges_count:
    name: unused_privileges_count
    description: The count of unused privileges within this service.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Unused Privileges Count
    rank: 1000
    alias: unused_privileges_count
    owner: ServicePrivilegeAnalysis
    domain_of:
    - PermissionAnalysisResult
    - ServicePrivilegeAnalysis
    range: integer
  write_count:
    name: write_count
    description: The count of write-type privileges within this service.
    from_schema: https://w3id.org/lmodel/ocsf
    aliases:
    - Write Count
    rank: 1000
    alias: write_count
    owner: ServicePrivilegeAnalysis
    domain_of:
    - ServicePrivilegeAnalysis
    range: integer