| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| azure_private_link | Azure Private Link | protect | minimal | T1565 | Data Manipulation |
Comments
This control provides partial protection for one of this technique's sub-techniques resulting in an overall Minimal score.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1040 | Network Sniffing |
Comments
This control reduces the likelihood of a network sniffing attack for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1498 | Network Denial of Service |
Comments
Prevents Denial of Service (DOS) against systems that would otherwise need to connect via an internet-traversing path (coverage partial, since doesn't apply to systems that must be directly exposed to the Internet)
References
|
| azure_private_link | Azure Private Link | protect | partial | T1498.001 | Direct Network Flood |
Comments
This control can protect against network denial of service attacks.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1498.002 | Reflection Amplification |
Comments
This control can protect against network denial of service attacks.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499 | Endpoint Denial of Service |
Comments
Prevents Denial of Service (DOS) against systems that would otherwise need to connect via an internet-traversing path (coverage partial, since doesn't apply to systems that must be directly exposed to the Internet)
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499.001 | OS Exhaustion Flood |
Comments
This control can protect against endpoint denial of service attacks.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499.002 | Service Exhaustion Flood |
Comments
This control can protect against endpoint denial of service attacks.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499.003 | Application Exhaustion Flood |
Comments
This control can protect against endpoint denial of service attacks.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1499.004 | Application or System Exploitation |
Comments
This control can protect against endpoint denial of service attacks.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1557 | Adversary-in-the-Middle |
Comments
This control provides partial protection for this technique's sub-techniques resulting in an overall Partial score.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1557.001 | LLMNR/NBT-NS Poisoning and SMB Relay |
Comments
This control reduces the likelihood of MiTM for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1557.002 | ARP Cache Poisoning |
Comments
This control reduces the likelihood of MiTM for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1565.002 | Transmitted Data Manipulation |
Comments
This control reduces the likelihood of data manipulation for traffic between remote users, cloud, and 3rd parties by routing the traffic via the Microsoft backbone rather than over the Internet.
References
|
| azure_private_link | Azure Private Link | protect | partial | T1659 | Content Injection |
Comments
This capability provides protection against content inection.
References
|
| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| azure_private_link | Azure Private Link | 15 |