A mapping of IAM privileges in various systems to their potential risk of abuse.

When combined with details of how a system (and its services and components) are used, this catalog can help identify the risk of compromised or abused identities in an organization.

View the Data

Risks
Services
Risk Scores
Scopes

Use the Data

⬇️ Download this Catalog

How to Use This Catalog

This catalog has multiple intended purposes:

  • Understand the security posture associated with a specific IAM configuration.
  • Determine the effect of an IAM configuration modification on organizational security posture.
  • Create organization access policies to limit or prevent certain threat vectors.
  • Discover references detailing the security effects of specific privileges.

How This Catalog Is Organized

This catalog is broken into two main components:

Contributing

To contribute, go to the GitHub project.

© 2023–present P0 Security and contributors to the IAM Privilege Catalog