AWS AWS Network Firewall Capability Group

All Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name
aws_network_firewall AWS Network Firewall protect partial T1008 Fallback Channels
aws_network_firewall AWS Network Firewall protect partial T1018 Remote System Discovery
aws_network_firewall AWS Network Firewall protect partial T1021 Remote Services
aws_network_firewall AWS Network Firewall protect partial T1021.001 Remote Desktop Protocol
aws_network_firewall AWS Network Firewall protect partial T1021.002 SMB/Windows Admin Shares
aws_network_firewall AWS Network Firewall protect partial T1021.004 SSH
aws_network_firewall AWS Network Firewall protect partial T1021.005 VNC
aws_network_firewall AWS Network Firewall protect partial T1021.006 Windows Remote Management
aws_network_firewall AWS Network Firewall protect partial T1041 Exfiltration Over C2 Channel
aws_network_firewall AWS Network Firewall protect partial T1046 Network Service Scanning
aws_network_firewall AWS Network Firewall protect partial T1048 Exfiltration Over Alternative Protocol
aws_network_firewall AWS Network Firewall protect partial T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol
aws_network_firewall AWS Network Firewall protect partial T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
aws_network_firewall AWS Network Firewall protect partial T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
aws_network_firewall AWS Network Firewall protect significant T1071 Application Layer Protocol
aws_network_firewall AWS Network Firewall protect significant T1071.001 Web Protocols
aws_network_firewall AWS Network Firewall protect significant T1071.002 File Transfer Protocols
aws_network_firewall AWS Network Firewall protect significant T1071.003 Mail Protocols
aws_network_firewall AWS Network Firewall protect significant T1071.004 DNS
aws_network_firewall AWS Network Firewall protect partial T1090 Proxy
aws_network_firewall AWS Network Firewall protect partial T1090.002 External Proxy
aws_network_firewall AWS Network Firewall protect partial T1090.003 Multi-hop Proxy
aws_network_firewall AWS Network Firewall protect significant T1095 Non-Application Layer Protocol
aws_network_firewall AWS Network Firewall protect partial T1104 Multi-Stage Channels
aws_network_firewall AWS Network Firewall protect partial T1133 External Remote Services
aws_network_firewall AWS Network Firewall protect significant T1187 Forced Authentication
aws_network_firewall AWS Network Firewall protect partial T1205 Traffic Signaling
aws_network_firewall AWS Network Firewall protect partial T1205.001 Port Knocking
aws_network_firewall AWS Network Firewall protect partial T1205.002 Socket Filters
aws_network_firewall AWS Network Firewall protect partial T1219 Remote Access Software
aws_network_firewall AWS Network Firewall protect minimal T1498 Network Denial of Service
aws_network_firewall AWS Network Firewall protect minimal T1498.001 Direct Network Flood
aws_network_firewall AWS Network Firewall protect minimal T1498.002 Reflection Amplification
aws_network_firewall AWS Network Firewall protect partial T1499 Endpoint Denial of Service
aws_network_firewall AWS Network Firewall protect partial T1499.001 OS Exhaustion Flood
aws_network_firewall AWS Network Firewall protect partial T1499.002 Service Exhaustion Flood
aws_network_firewall AWS Network Firewall protect partial T1499.003 Application Exhaustion Flood
aws_network_firewall AWS Network Firewall protect partial T1530 Data from Cloud Storage Object
aws_network_firewall AWS Network Firewall protect minimal T1542 Pre-OS Boot
aws_network_firewall AWS Network Firewall protect partial T1542.005 TFTP Boot
aws_network_firewall AWS Network Firewall protect significant T1571 Non-Standard Port
aws_network_firewall AWS Network Firewall protect partial T1572 Protocol Tunneling
aws_network_firewall AWS Network Firewall detect partial T1589 Gather Victim Identity Information
aws_network_firewall AWS Network Firewall detect minimal T1589.001 Credentials
aws_network_firewall AWS Network Firewall detect partial T1589.002 Email Addresses
aws_network_firewall AWS Network Firewall detect minimal T1589.003 Employee Names
aws_network_firewall AWS Network Firewall protect partial T1590 Gather Victim Network Information
aws_network_firewall AWS Network Firewall protect partial T1590.001 Domain Properties
aws_network_firewall AWS Network Firewall protect partial T1590.004 Network Topology
aws_network_firewall AWS Network Firewall protect partial T1590.005 IP Addresses
aws_network_firewall AWS Network Firewall protect partial T1590.006 Network Security Appliances
aws_network_firewall AWS Network Firewall protect partial T1595 Active Scanning
aws_network_firewall AWS Network Firewall protect partial T1595.001 Scanning IP Blocks
aws_network_firewall AWS Network Firewall protect partial T1595.002 Vulnerability Scanning

Capabilities

Capability ID Capability Name Number of Mappings
aws_network_firewall AWS Network Firewall 54