Azure azure_defender_for_container_registries Mappings

Azure Defender for container registries includes a vulnerability scanner to scan the images in your Azure Resource Manager-based Azure Container Registry registries and provide deeper visibility into your images' vulnerabilities. The integrated scanner is powered by Qualys. Azure Container Registry is a managed, private Docker registry service based on the open-source Docker Registry 2.0.

Mappings

| Capability ID | Capability Description | Category | Value | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|---|
| azure_defender_for_container_registries | Azure Defender for Container Registries | protect | minimal | T1190 | Exploit Public-Facing Application | This control may provide information about vulnerabilities within container images. The limited scope of containers and registries that are applicable to this control contributes to the lower score. |
| azure_defender_for_container_registries | Azure Defender for Container Registries | protect | minimal | T1068 | Exploitation for Privilege Escalation | This control may provide recommendations to avoid privileged containers and running containers as root. |
| azure_defender_for_container_registries | Azure Defender for Container Registries | protect | partial | T1525 | Implant Container Image | This control may prevent adversaries from implanting malicious container images through fine-grained permissions and use of container image tag signing. Image tag signing allows for verifiable container images that have been signed with legitimate keys. |
| azure_defender_for_container_registries | Azure Defender for Container Registries | detect | partial | T1525 | Implant Container Image | This control may scan and alert on import or creation of container images with known vulnerabilities or a possible expanded surface area for exploitation. |