IAM Related Incidents
Summary | To measure IAM related incidents, it is necessary to define what is an IAM related incident. This requires a classification of IAM related incident classes. This page is a placeholder where to progressively consolidate references to IAM related incident classes. |
---|---|
TODO | Consider moving this classification to a dedicated Incident Classes wiki space to provide plenty of room for documentation and extensions. |
Approach
In order to enable the measurement of IAM related, it is necessary to establish a classification of IAM related incident classes. At this point, this page is a placeholder where references to IAM related incident classes are progressively inventories. It is by no mean complete.
Call for contributions
If you are aware of classes not yet referenced on this page or if you are aware of complementary source references, please let us know and contribute.
Classification
Class | Definition | Sources |
---|---|---|
Phishing | Class: Information Gathering Attempt to gather information on a user or a system through phishing methods. Including;
| https://open-measure.atlassian.net/wiki/spaces/BIB/pages/148340737 |
Login attempt | Class: Intrusion Attempt and Intrusion Attempt to log in to services or authentication / access control mechanisms. Including:
| https://open-measure.atlassian.net/wiki/spaces/BIB/pages/148340737 |
Unauthorised access to a system or component by bypassing an access control system in place. | Class: Intrusion Type: (Successful) Exploitation of vulnerability Actual intrusion by exploiting vulnerability in the system, component or network. Unauthorised access to a system or component by bypassing an access control system in place. (Control system bypass: (Art. 2 [A], Art. 3 and 7 [F]) | https://open-measure.atlassian.net/wiki/spaces/BIB/pages/148340737 |
Compromising an account | Class: Intrusion Actual intrusion in a system, component or network by compromising a user or administrator account. Unauthorised access to a system or component by using stolen access credentials. (Theft of access credentials: Art. 6 [A], Art. 3 and 7 [F]) | https://open-measure.atlassian.net/wiki/spaces/BIB/pages/148340737 |
Unauthorised access | Class: Information Security Unauthorised access to a particular set of information Unauthorised access to a system or component (Unauthorised access to a system: - Art. 2 [A] - Art. 3 and 7 [F]) Unauthorised access to a set of information (Unauthorised access to information: - Art. 2 [A] - Art. 3 and 7 [F] - Art. 5, 6 and 25 [G]) Unauthorised access to and sharing of a specific set of information (Data exfiltration: - Art. 2 [A]) | https://open-measure.atlassian.net/wiki/spaces/BIB/pages/148340737 |
Unauthorised modification/deletion | Class: Information Security Class description: Unauthorised change or elimination of a particular set of information. Unauthorised changes to a specific set of information (Modification of information: - Art. 4, 7 and 8 [A] - Art. 5 [F]) Unauthorised deleting of a specific set of information (Deleting of information: - Art. 4 [A] - Art. 5 [F]) | https://open-measure.atlassian.net/wiki/spaces/BIB/pages/148340737 |
Other IAM related incident | Â | Â |
Non-IAM related incident | Â | Â |
Â
Follow us on LinkedIn | Discuss on Slack | Support us with Patreon | Sign-up for a free membership.
This wiki is owned by Open Measure, a non-profit association. The original content we publish is licensed under a Creative Commons Attribution 4.0 International License.