Cloud Service Discovery

Type: technique

Description: Adversaries may discover and enumerate AI services in cloud environments to identify attack targets. This includes LLM APIs (Amazon Bedrock, Azure OpenAI Service, Google Cloud AI Platform), model endpoints, container registries hosting ML models, Jupyter notebooks, and vector databases.

Adversaries use cloud APIs and tools like Microsoft Graph API, Azure Resource Manager API, AWS CLI, or Google Cloud SDK to enumerate AI resources, model repositories, and access permissions. This reconnaissance helps identify vulnerable AI infrastructure for subsequent attacks.

Version: 0.1.0

Created At: 2025-07-23 10:23:39 -0400

Last Modified At: 2025-07-23 10:23:39 -0400

External References

--> Discovery (tactic): Discovering AI services provides adversaries intelligence about the target's AI infrastructure, including model types, access endpoints, container registries, and security configurations. This reconnaissance enables adversaries to map the AI attack surface, identify high-value targets like LLM APIs

MITRE ATLAS - AML.T0075

AI Agents Attack Matrix

Cloud Service Discovery

External References

Related Objects

Related Frameworks