ABOUT
Overview
Use Cases
Mapping Methodology
Scoring Rubric
Related Projects
ATT&CK OBJECTS
Matrix
Tactics
Techniques
MAPPING FRAMEWORKS
About Mappings
Amazon Web Services (AWS)
Azure
CVE
Google Cloud Platform (GCP)
NIST 800-53
M365
VERIS
You're currently viewing ATT&CK Version 16.1 Enterprise and AWS 12.12.2024.
Change versions here.
Home
Mapping Frameworks
AWS Home
AWS Network Firewall Capability Group
AWS
AWS Network Firewall
Capability Group
All Mappings
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
AWS
12.12.2024
Change Versions
Capability ID
Capability Description
Category
Value
ATT&CK ID
ATT&CK Name
aws_network_firewall
AWS Network Firewall
protect
partial
T1008
Fallback Channels
aws_network_firewall
AWS Network Firewall
protect
partial
T1018
Remote System Discovery
aws_network_firewall
AWS Network Firewall
protect
partial
T1021
Remote Services
aws_network_firewall
AWS Network Firewall
protect
partial
T1021.001
Remote Desktop Protocol
aws_network_firewall
AWS Network Firewall
protect
partial
T1021.002
SMB/Windows Admin Shares
aws_network_firewall
AWS Network Firewall
protect
partial
T1021.004
SSH
aws_network_firewall
AWS Network Firewall
protect
partial
T1021.005
VNC
aws_network_firewall
AWS Network Firewall
protect
partial
T1021.006
Windows Remote Management
aws_network_firewall
AWS Network Firewall
protect
partial
T1041
Exfiltration Over C2 Channel
aws_network_firewall
AWS Network Firewall
protect
partial
T1046
Network Service Scanning
aws_network_firewall
AWS Network Firewall
protect
partial
T1048
Exfiltration Over Alternative Protocol
aws_network_firewall
AWS Network Firewall
protect
partial
T1048.001
Exfiltration Over Symmetric Encrypted Non-C2 Protocol
aws_network_firewall
AWS Network Firewall
protect
partial
T1048.002
Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
aws_network_firewall
AWS Network Firewall
protect
partial
T1048.003
Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
aws_network_firewall
AWS Network Firewall
protect
significant
T1071
Application Layer Protocol
aws_network_firewall
AWS Network Firewall
protect
significant
T1071.001
Web Protocols
aws_network_firewall
AWS Network Firewall
protect
significant
T1071.002
File Transfer Protocols
aws_network_firewall
AWS Network Firewall
protect
significant
T1071.003
Mail Protocols
aws_network_firewall
AWS Network Firewall
protect
significant
T1071.004
DNS
aws_network_firewall
AWS Network Firewall
protect
partial
T1090
Proxy
aws_network_firewall
AWS Network Firewall
protect
partial
T1090.002
External Proxy
aws_network_firewall
AWS Network Firewall
protect
partial
T1090.003
Multi-hop Proxy
aws_network_firewall
AWS Network Firewall
protect
significant
T1095
Non-Application Layer Protocol
aws_network_firewall
AWS Network Firewall
protect
partial
T1104
Multi-Stage Channels
aws_network_firewall
AWS Network Firewall
protect
partial
T1133
External Remote Services
aws_network_firewall
AWS Network Firewall
protect
significant
T1187
Forced Authentication
aws_network_firewall
AWS Network Firewall
protect
partial
T1205
Traffic Signaling
aws_network_firewall
AWS Network Firewall
protect
partial
T1205.001
Port Knocking
aws_network_firewall
AWS Network Firewall
protect
partial
T1205.002
Socket Filters
aws_network_firewall
AWS Network Firewall
protect
partial
T1219
Remote Access Software
aws_network_firewall
AWS Network Firewall
protect
minimal
T1498
Network Denial of Service
aws_network_firewall
AWS Network Firewall
protect
minimal
T1498.001
Direct Network Flood
aws_network_firewall
AWS Network Firewall
protect
minimal
T1498.002
Reflection Amplification
aws_network_firewall
AWS Network Firewall
protect
partial
T1499
Endpoint Denial of Service
aws_network_firewall
AWS Network Firewall
protect
partial
T1499.001
OS Exhaustion Flood
aws_network_firewall
AWS Network Firewall
protect
partial
T1499.002
Service Exhaustion Flood
aws_network_firewall
AWS Network Firewall
protect
partial
T1499.003
Application Exhaustion Flood
aws_network_firewall
AWS Network Firewall
protect
partial
T1530
Data from Cloud Storage Object
aws_network_firewall
AWS Network Firewall
protect
minimal
T1542
Pre-OS Boot
aws_network_firewall
AWS Network Firewall
protect
partial
T1542.005
TFTP Boot
aws_network_firewall
AWS Network Firewall
protect
significant
T1571
Non-Standard Port
aws_network_firewall
AWS Network Firewall
protect
partial
T1572
Protocol Tunneling
aws_network_firewall
AWS Network Firewall
detect
partial
T1589
Gather Victim Identity Information
aws_network_firewall
AWS Network Firewall
detect
minimal
T1589.001
Credentials
aws_network_firewall
AWS Network Firewall
detect
partial
T1589.002
Email Addresses
aws_network_firewall
AWS Network Firewall
detect
minimal
T1589.003
Employee Names
aws_network_firewall
AWS Network Firewall
protect
partial
T1590
Gather Victim Network Information
aws_network_firewall
AWS Network Firewall
protect
partial
T1590.001
Domain Properties
aws_network_firewall
AWS Network Firewall
protect
partial
T1590.004
Network Topology
aws_network_firewall
AWS Network Firewall
protect
partial
T1590.005
IP Addresses
aws_network_firewall
AWS Network Firewall
protect
partial
T1590.006
Network Security Appliances
aws_network_firewall
AWS Network Firewall
protect
partial
T1595
Active Scanning
aws_network_firewall
AWS Network Firewall
protect
partial
T1595.001
Scanning IP Blocks
aws_network_firewall
AWS Network Firewall
protect
partial
T1595.002
Vulnerability Scanning
Capabilities
ATT&CK Version
16.1
ATT&CK Domain
Enterprise
AWS
12.12.2024
Change Versions
Capability ID
Capability Name
Number of Mappings
aws_network_firewall
AWS Network Firewall
54