Home
Mapping Frameworks
Azure Home
Microsoft Defender for Cloud: Microsoft Defender for APIs

Azure defender_for_apis

Microsoft Defender for APIs offers lifecycle protection, detection, and response coverage for APIs published in Azure API Management. Usage includes investigation to improve API security posture, prioritize vulnerability fixes, and detect active real-time threats.

Mappings

Capability ID	Capability Description	Category	Value	ATT&CK ID	ATT&CK Name	Notes
defender_for_apis	Microsoft Defender for Cloud: Microsoft Defender for APIs	detect	partial	T1059.009	Cloud API	Comments This control can detect when anomalous parameters are passed to a cloud API that could indicate abuse of a command and scripting interpreter. References https://learn.microsoft.com/en-us/azure/defender-for-cloud/alerts-defender-for-apis
defender_for_apis	Microsoft Defender for Cloud: Microsoft Defender for APIs	detect	significant	T1552.007	Container API	Comments This capability can detect anomalous usage of APIs. References https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-apis-introduction
defender_for_apis	Microsoft Defender for Cloud: Microsoft Defender for APIs	protect	significant	T1552.007	Container API	Comments This capability can support configuration of APIs to protect against access to unsecured credentials. References https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-apis-introduction
defender_for_apis	Microsoft Defender for Cloud: Microsoft Defender for APIs	protect	partial	T1555	Credentials from Password Stores	Comments This control can protect APIs from adversaries attempting to access credentials. References https://learn.microsoft.com/en-us/azure/defender-for-cloud/defender-for-apis-introduction