AZT104 - Gather User Information#
An adversary may obtain information about a User within Azure Active Directory. Details may include email addresses, first/last names, job information, addresses, and assigned roles. By default, all users are able to read other user's roles and group memberships within AAD.
Resource
Azure Active Directory
Actions
- microsoft.directory/*/*/read
Examples
Detections
N/A