Azure azure_automation_update_management Mappings

"Use Azure Automation Update Management or a third-party solution to ensure that the most recent security updates are installed on your Windows and Linux VMs. "

Mappings

Capability ID Capability Description Category Value ATT&CK ID ATT&CK Name Notes
azure_automation_update_management Azure Automation Update Management protect partial T1195 Supply Chain Compromise
Comments
This control provides coverage of some aspects of software supply chain compromise since it enables automated updates of software and rapid configuration change management.
References
azure_automation_update_management Azure Automation Update Management protect partial T1195.002 Compromise Software Supply Chain
Comments
This control provides coverage of some aspects of software supply chain compromise since it enables automated updates of software and rapid configuration change management.
References
    azure_automation_update_management Azure Automation Update Management protect partial T1195.001 Compromise Software Dependencies and Development Tools
    Comments
    This control provides coverage of some aspects of software supply chain compromise since it enables automated updates of software and rapid configuration change management.
    References
      azure_automation_update_management Azure Automation Update Management protect partial T1072 Software Deployment Tools
      Comments
      This control provides partial coverage of attacks that leverage software flaws in unpatched deployment tools since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect significant T1210 Exploitation of Remote Services
      Comments
      This control provides significant coverage of techniques that leverage vulnerabilities in unpatched remote services since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect significant T1211 Exploitation for Defense Evasion
      Comments
      This control provides significant coverage of defensive evasion methods that exploit unpatched vulnerabilities in software/systems since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect significant T1068 Exploitation for Privilege Escalation
      Comments
      This control provides significant coverage of methods that leverage vulnerabilities in unpatched software since it enables automated updates of software and rapid configuration change management
      References
      azure_automation_update_management Azure Automation Update Management protect partial T1190 Exploit Public-Facing Application
      Comments
      This control provides partial coverage for techniques that exploit vulnerabilities in (common) unpatched software since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect significant T1212 Exploitation for Credential Access
      Comments
      This control provides significant coverage of credential access techniques that leverage unpatched software vulnerabilities since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect significant T1203 Exploitation for Client Execution
      Comments
      This control provides significant coverage for Exploitation for client execution methods that leverage unpatched vulnerabilities since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect partial T1499 Endpoint Denial of Service
      Comments
      This control provides protection against the subset of Denial of Service (DOS) attacks that leverage system/application vulnerabilities as opposed to volumetric attacks since it enables automated updates of software and rapid configuration change management.
      References
      azure_automation_update_management Azure Automation Update Management protect significant T1499.004 Application or System Exploitation
      Comments
      This control provides significant protection against Denial of Service (DOS) attacks that leverage system/application vulnerabilities as opposed to volumetric attacks since it enables automated updates of software and rapid configuration change management.
      References
        azure_automation_update_management Azure Automation Update Management protect partial T1554 Compromise Client Software Binary
        Comments
        This control provides partial protection against compromised client software binaries since it can provide a baseline to compare with potentially compromised/modified software binaries.
        References
        azure_automation_update_management Azure Automation Update Management protect partial T1189 Drive-by Compromise
        Comments
        This control protects against a subset of drive-by methods that leverage unpatched client software since it enables automated updates of software and rapid configuration change management
        References