| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1110 | Brute Force |
Comments
This control can detect attempted or successful brute force attacks.
References
|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1190 | Exploit Public-Facing Application |
Comments
This control can detect artifacts of common exploit traffic.
References
|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1213 | Data from Information Repositories |
Comments
This control can detect suspicious login activity.
References
|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1580 | Cloud Infrastructure Discovery |
Comments
This control can detect unusual activity related to cloud data object storage enumeration.
References
|
| defender_for_open_source_databases | Microsoft Defender for Open-Source Relational Databases | detect | partial | T1595 | Active Scanning |
Comments
This control can detect traffic patterns and packet inspection associated to protocols that do not follow the expected protocol standards and traffic flows (e.g., extraneous packets that do not belong to established flows).
References
|