CCC.TH11: Event Notifications are Incorrectly Triggered
Threat ID:CCC.TH11
Title:Event Notifications are Incorrectly Triggered
Description:
Malicious actors may exploit event notifications to trigger sensitive operations or access patterns. Alternately, attackers may flood the system with notifications to obfuscate another attack or overwhelm the service to disrupt legitimate operations.
Related Features:
| ID | Title | Description |
|---|---|---|
| CCC.F07 | Event Notifications | Publishes events for creation, deletion, and modification of objects in a way that enables users to trigger actions in response. |
| CCC.F17 | Alerting | Provides the ability to set an alarm based on performance metrics, logs, events or spending thresholds of the service. |