Microsoft Defender for APIs offers lifecycle protection, detection, and response coverage for APIs published in Azure API Management. Usage includes investigation to improve API security posture, prioritize vulnerability fixes, and detect active real-time threats.
| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | detect | partial | T1059.009 | Cloud API |
Comments
This control can detect when anomalous parameters are passed to a cloud API that could indicate abuse of a command and scripting interpreter.
References
|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | detect | significant | T1552.007 | Container API |
Comments
This capability can detect anomalous usage of APIs.
References
|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | protect | significant | T1552.007 | Container API |
Comments
This capability can support configuration of APIs to protect against access to unsecured credentials.
References
|
| defender_for_apis | Microsoft Defender for Cloud: Microsoft Defender for APIs | protect | partial | T1555 | Credentials from Password Stores |
Comments
This control can protect APIs from adversaries attempting to access credentials.
References
|