AWS Shield Capability Group

All Mappings

Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes
aws_shield | AWS Shield | respond | significant | T1498 | Network Denial of Service |
aws_shield | AWS Shield | respond | significant | T1498.001 | Direct Network Flood |
    Comments: AWS Shield will set and use a static network flow threshold to detect incoming traffic to AWS services. This will reduce direct network DoS attacks by applying an undisclosed combination of traffic signatures, anomaly algorithms, and other analysis techniques to detect malicious traffic in real time. AWS Shield Advanced identifies anomalies in network traffic to flag attempted attacks and executes inline mitigations to resolve the issue.
aws_shield | AWS Shield | respond | significant | T1498.002 | Reflection Amplification |
    Comments: AWS Shield will set and use a static network flow threshold to detect incoming traffic to AWS services. This will reduce direct network DoS attacks by applying an undisclosed combination of traffic signatures, anomaly algorithms, and other analysis techniques to detect malicious traffic in real time. AWS Shield Advanced identifies anomalies in network traffic to flag attempted attacks and executes inline mitigations to resolve the issue.
aws_shield | AWS Shield | respond | significant | T1499 | Endpoint Denial of Service |
aws_shield | AWS Shield | respond | significant | T1499.001 | OS Exhaustion Flood |
    Comments: AWS Shield Standard provides protection and response to these Denial of Service attacks in real time by using a network traffic baseline and identifying anomalies, among other techniques.
aws_shield | AWS Shield | respond | significant | T1499.002 | Service Exhaustion Flood |
    Comments: AWS Shield Standard provides protection and response to these Denial of Service attacks in real time by using a network traffic baseline and identifying anomalies, among other techniques.
aws_shield | AWS Shield | respond | significant | T1499.003 | Application Exhaustion Flood |
    Comments: AWS Shield Advanced allows for customized detection and mitigations for custom applications that are running on EC2 instances.

Capabilities

Capability ID | Capability Name | Number of Mappings
aws_shield | AWS Shield | 7