risks / Automated data collection


Allows an attacker to collect organizational data in a central location, or in an automatic fashion over time. Organizational data include application, customer, financial and operational data.


This risk allows an attacker to significantly increase the scope of an attack, or the sensitivity of accessed systems.


    (No mitigations for this risk)


  1. https:/​/​attack.mitre.org/​techniques/​T1119/​
  2. https:/​/​attack.mitre.org/​techniques/​T1530/​

Affected Privileges

An attacker may be able to exploit this risk if they gain any of the following privileges:

Google Cloud Platform

© 2023–present P0 Security and contributors to the IAM Privilege Catalog