The adversary is attempting to gain access to an Azure Resource or Azure AD.
|AZT201||Valid Credentials||Adversaries may login to AzureAD using valid credentials.|
|.001||User Account||By obtaining valid user credentials, an adversary may login to AzureAD via command line or through the Azure Portal.|
|.002||Service Principal||By obtaining a valid secret or certificate, an adversary may login to AzureAD via command line.|
|AZT202||Password Spraying||An adversary may potentially gain access to AzureAD by guessing a common password for multiple users.|
|AZT203||Malicious Application Consent||An adversary may lure a victim into giving their access to a malicious application registered in AzureAD.|