Data Lake Governance Bypass
highdata-lake-governance-bypass
Attacker circumvents data lake access controls, column/row-level security, or data masking policies to access restricted data
Information DisclosureElevation of Privilege
MITRE ATT&CK techniques
| ID | Name | Tactic |
|---|---|---|
| T1530 | Data from Cloud Storage Object | Collection |
| T1078 | Valid Accounts | Defense Evasion |
Common Weakness Enumeration
Mitigating controls
ctrl-datalake-1- Implement centralized access control policies
ctrl-datalake-2- Enable comprehensive audit logging for all data access
ctrl-datalake-3- Use column and row-level security for sensitive data
ctrl-datalake-4- Implement data masking for sensitive fields
ctrl-datalake-5- Regularly audit and review data access patterns