Azure devops_security

DevOps Security in Defender for Cloud helps protect applications and resources from code to cloud across multi-pipeline environments, including Azure DevOps, GitHub, and GitLab. DevOps Security recommendations can be correlated with other contextual cloud security insights to prioritize remediation in code.

Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
| --- | --- | --- | --- | --- | --- | --- |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1098 | Account Manipulation | |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1098.001 | Additional Cloud Credentials | This capability can protect against creation of additional cloud credentials by requiring DevOps best practices. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1213.003 | Code Repositories | This control can protect against repository misconfigurations. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1552.007 | Container API | This capability can protect against unsecured Container API credentials by ensuring credential security is part of the DevOps process. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1557 | Adversary-in-the-Middle | This capability can protect against adversary-in-the-middle attacks by ensuring encryption is baked into the DevOps process of applications. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1564.009 | Resource Forking | This control can provide DevOps guidance that applications should use the application bundle structure, which leverages the /Resources folder location, to mitigate resource forking. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | partial | T1593.003 | Code Repositories | This control can protect code repositories by employing DevSecOps best practices. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | significant | T1189 | Drive-by Compromise | This capability can protect against drive-by compromise by ensuring application security is baked into DevOps. |
| devops_security | Microsoft Defender for Cloud: DevOps Security | protect | significant | T1190 | Exploit Public-Facing Application | This capability can protect against exploitation of public-facing applications by ensuring application security is baked into DevOps. |