| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1195 | Supply Chain Compromise |
Comments
This control provides coverage of some aspects of software supply chain compromise since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1195.002 | Compromise Software Supply Chain |
Comments
This control provides coverage of some aspects of software supply chain compromise since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1195.001 | Compromise Software Dependencies and Development Tools |
Comments
This control provides coverage of some aspects of software supply chain compromise since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1072 | Software Deployment Tools |
Comments
This control provides partial coverage of attacks that leverage software flaws in unpatched deployment tools since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | significant | T1210 | Exploitation of Remote Services |
Comments
This control provides significant coverage of techniques that leverage vulnerabilities in unpatched remote services since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | significant | T1211 | Exploitation for Defense Evasion |
Comments
This control provides significant coverage of defensive evasion methods that exploit unpatched vulnerabilities in software/systems since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | significant | T1068 | Exploitation for Privilege Escalation |
Comments
This control provides significant coverage of methods that leverage vulnerabilities in unpatched software since it enables automated updates of software and rapid configuration change management
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1190 | Exploit Public-Facing Application |
Comments
This control provides partial coverage for techniques that exploit vulnerabilities in (common) unpatched software since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | significant | T1212 | Exploitation for Credential Access |
Comments
This control provides significant coverage of credential access techniques that leverage unpatched software vulnerabilities since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | significant | T1203 | Exploitation for Client Execution |
Comments
This control provides significant coverage for Exploitation for client execution methods that leverage unpatched vulnerabilities since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1499 | Endpoint Denial of Service |
Comments
This control provides protection against the subset of Denial of Service (DOS) attacks that leverage system/application vulnerabilities as opposed to volumetric attacks since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | significant | T1499.004 | Application or System Exploitation |
Comments
This control provides significant protection against Denial of Service (DOS) attacks that leverage system/application vulnerabilities as opposed to volumetric attacks since it enables automated updates of software and rapid configuration change management.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1554 | Compromise Client Software Binary |
Comments
This control provides partial protection against compromised client software binaries since it can provide a baseline to compare with potentially compromised/modified software binaries.
References
|
| azure_automation_update_management | Azure Automation Update Management | protect | partial | T1189 | Drive-by Compromise |
Comments
This control protects against a subset of drive-by methods that leverage unpatched client software since it enables automated updates of software and rapid configuration change management
References
|