| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | detect | partial | T1059.009 | Cloud API |
Comments
This control can detect when anomalous parameters are passed to a cloud API that could indicate abuse of a command and scripting interpreter.
References
|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | detect | significant | T1552.007 | Container API |
Comments
This capability can detect anomalous usage of APIs.
References
|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | protect | significant | T1552.007 | Container API |
Comments
This capability can support configuration of APIs to protect against access to unsecured credentials.
References
|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | protect | partial | T1555 | Credentials from Password Stores |
Comments
This control can protect APIs from adversaries attempting to access credentials.
References
|
| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | 4 |