Azure azure_alerts_for_network_layer Mappings

Security Center network-layer analytics are based on sample IPFIX data, which are packet headers collected by Azure core routers. Based on this data feed, Security Center uses machine learning models to identify and flag malicious traffic activities. Security Center also uses the Microsoft Threat Intelligence database to enrich IP addresses.

Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name |
| --- | --- | --- | --- | --- | --- |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | significant | T1110 | Brute Force |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | significant | T1110.003 | Password Spraying |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | significant | T1110.001 | Password Guessing |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | significant | T1110.004 | Credential Stuffing |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | minimal | T1071 | Application Layer Protocol |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | minimal | T1071.004 | DNS |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | minimal | T1071.003 | Mail Protocols |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | minimal | T1071.002 | File Transfer Protocols |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | minimal | T1071.001 | Web Protocols |
| azure_alerts_for_network_layer | Azure Alerts for Network Layer | detect | partial | T1133 | External Remote Services |