SubTechniquelateral-movementATLAS

AML.T0091.000Application Access Token

What it is

Adversaries may use stolen application access tokens to bypass the typical authentication process and access restricted accounts, information, or services on remote systems. These tokens are typically stolen from users or services and used in lieu of login credentials. Application access tokens are used to make authorized API requests on behalf of a user or service and are commonly used to access resources in cloud, container-based applications, software-as-a-service (SaaS), and AI-as-a-service(AIaaS). They are commonly used for AI services such as chatbots, LLMs, and predictive inference APIs.

References

  1. https://atlas.mitre.org/techniques/AML.T0091.000

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Sub-technique
Application Access Token
Technique
Steal Application Access Token
ATLAS
Use Alternate Authentication Material
ATLAS
AI Agent Tool Credential Harvesting
ATLAS
AI Agent Tool Invocation
ATLAS tactic
AI Model Access
Sourced from MITRE ATLAS — Adversarial Threat Landscape for AI Systems. Curated by Adam Lundqvist, SQUR.