A mapping of IAM privileges in various systems to their potential risk of abuse.

When combined with details of how a system (and its services and components) are used, this catalog can help identify the risk of compromised or abused identities in an organization.

View the Data

Risk Scores

Use the Data

⬇️ Download this Catalog

How to Use This Catalog

This catalog has multiple intended purposes:

  • Understand the security posture associated with a specific IAM configuration.
  • Determine the effect of an IAM configuration modification on organizational security posture.
  • Create organization access policies to limit or prevent certain threat vectors.
  • Discover references detailing the security effects of specific privileges.

How This Catalog Is Organized

This catalog is broken into two main components:


To contribute, go to the GitHub project.

© 2023–present P0 Security and contributors to the IAM Privilege Catalog