Threat actors may attempt to modify hierarchical structures in infrastructure-as-a-service (IaaS) environments in order to evade defenses.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.