Snowflake - User granted admin privileges

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Detects when user asigned admin privileges.

Attribute	Value
Type	Analytic Rule
Solution	Snowflake
ID	5ed33eee-0ab6-4bf5-9e9b-6100db83d39a
Severity	Medium
Status	Available
Kind	Scheduled
Tactics	PrivilegeEscalation
Techniques	T1078
Required Connectors	Snowflake
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
SnowflakeLoad_CL	?	✓	?
SnowflakeLogin_CL	?	✓	?
SnowflakeMaterializedView_CL	?	✓	?
SnowflakeQuery_CL	?	✓	?
SnowflakeRoleGrant_CL	?	✓	?
SnowflakeRoles_CL	?	✓	?
SnowflakeTableStorageMetrics_CL	?	✓	?
SnowflakeTables_CL	?	✓	?
SnowflakeUserGrant_CL	?	✓	?
SnowflakeUsers_CL	?	✓	?
Snowflake_CL 🔶	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to Snowflake