1. Home
  2. Mapping Frameworks
  3. AWS Home
  4. AWS IoT Device Defender

AWS aws_iot_device_defender Mappings

AWS IoT Device Defender is a security service that allows users to audit the configuration of their Internet of Things (IoT) devices, monitor connected devices to detect abnormal behavior, and mitigate security risks. It provides the ability to enforce consistent security policies across AWS IoT device fleets and respond when devices are compromised.

Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name
aws_iot_device_defender AWS IoT Device Defender protect minimal T1020 Automated Exfiltration
aws_iot_device_defender AWS IoT Device Defender protect partial T1020.001 Traffic Duplication
aws_iot_device_defender AWS IoT Device Defender protect partial T1040 Network Sniffing
aws_iot_device_defender AWS IoT Device Defender detect partial T1041 Exfiltration Over C2 Channel
aws_iot_device_defender AWS IoT Device Defender detect partial T1046 Network Service Scanning
aws_iot_device_defender AWS IoT Device Defender detect partial T1048 Exfiltration Over Alternative Protocol
aws_iot_device_defender AWS IoT Device Defender detect partial T1048.001 Exfiltration Over Symmetric Encrypted Non-C2 Protocol
aws_iot_device_defender AWS IoT Device Defender detect partial T1048.002 Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
aws_iot_device_defender AWS IoT Device Defender detect partial T1048.003 Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol
aws_iot_device_defender AWS IoT Device Defender detect minimal T1071 Application Layer Protocol
aws_iot_device_defender AWS IoT Device Defender detect minimal T1078 Valid Accounts
aws_iot_device_defender AWS IoT Device Defender protect minimal T1078 Valid Accounts
aws_iot_device_defender AWS IoT Device Defender detect partial T1078.004 Cloud Accounts
aws_iot_device_defender AWS IoT Device Defender protect partial T1078.004 Cloud Accounts
aws_iot_device_defender AWS IoT Device Defender detect minimal T1095 Non-Application Layer Protocol
aws_iot_device_defender AWS IoT Device Defender detect partial T1496 Resource Hijacking
aws_iot_device_defender AWS IoT Device Defender detect partial T1530 Data from Cloud Storage Object
aws_iot_device_defender AWS IoT Device Defender detect minimal T1552 Unsecured Credentials
aws_iot_device_defender AWS IoT Device Defender detect partial T1552.004 Private Keys
aws_iot_device_defender AWS IoT Device Defender protect minimal T1557 Man-in-the-Middle
aws_iot_device_defender AWS IoT Device Defender detect minimal T1562 Impair Defenses
aws_iot_device_defender AWS IoT Device Defender respond minimal T1562 Impair Defenses
aws_iot_device_defender AWS IoT Device Defender detect partial T1562.008 Disable Cloud Logs
aws_iot_device_defender AWS IoT Device Defender respond partial T1562.008 Disable Cloud Logs