Azure DDoS Protection (formerly Azure DDOS Protection Standard), combined with application design best practices, provides enhanced DDoS mitigation features to defend against DDoS attacks. It is automatically tuned to help protect specific Azure resources in a virtual network.
| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1498 | Network Denial of Service |
Comments
Designed to address multiple DDOS techniques including volumetric attacks.
References
|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1498.001 | Direct Network Flood |
Comments
This control can protect against network denial of service attacks.
References
|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1498.002 | Reflection Amplification |
Comments
This control can protect against network denial of service attacks.
References
|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1499 | Endpoint Denial of Service |
Comments
Protects against volumetric and protocol DOS, though not application.
References
|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1499.001 | OS Exhaustion Flood |
Comments
This control can protect against endpoint denial of service attacks.
References
|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1499.002 | Service Exhaustion Flood |
Comments
This control can protect against endpoint denial of service attacks.
References
|
| azure_ddos_protection | Azure DDoS Protection | protect | significant | T1499.003 | Application Exhaustion Flood |
Comments
This control can protect against endpoint denial of service attacks.
References
|