Azure Microsoft Defender for Open-Source Relational Databases Capability Group

All Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Comments |
|---|---|---|---|---|---|---|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1110 | Brute Force | This control can detect attempted or successful brute force attacks. |
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1190 | Exploit Public-Facing Application | This control can detect artifacts of common exploit traffic. |
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1213 | Data from Information Repositories | This control can detect suspicious login activity. |
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1580 | Cloud Infrastructure Discovery | This control can detect unusual activity related to cloud data object storage enumeration. |
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1595 | Active Scanning | This control can detect traffic patterns and packet inspection associated with protocols that do not follow the expected protocol standards and traffic flows (e.g., extraneous packets that do not belong to established flows). |

Capabilities

| Capability ID | Capability Name | Number of Mappings |
|---|---|---|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | 5 |